
Threat Hunting Framework

A unified proprietary platform of intelligent detection technologies to allow for effective response and mitigation.

Highly Effective Monitoring Tool

  • Detection of previously unknown threats based on Threat Intelligence & Attribution data. Proactive search for anomalies, hidden tunnels, and signs of communications with C&C servers.
  • Automated correlation of events and alerts, and subsequent attribution to malware type and/or threat actor
  • Global proactive threat hunting that exposes adversaries’ external infrastructure, TTPs, intent, and plans
  • Proprietary tools – Network graph analysis and malware detonation platform provide data enrichment, correlations, and analysis
  • Full overview of the attack, in-depth management of incidents (up to Mutex/Pipes/Registry/Files)

Detection of Attacker Infrastructure on a Global Scale

Technology built to collect large amounts of data, combined with unique search algorithms designed to find connections and help detect infrastructure that hackers intend to use in future attacks.

  • 4.2 billion IP addresses: daily scan of the entire IPv4 address range
  • 145 million SSH keys
  • 211 million domains and archived data from the past 17 years
  • 1.6 billion SSL certificates

Meeting Key Information Security Challenges

Protects corporate email from targeted phishing and messages containing malware

Protects the network perimeter, services, and user workstations from malware

Protects infrastructure from being controlled by external attackers

Secures file transfers from untrusted to trusted file storage

Detects network anomalies

Protects workstations and servers from potentially unwanted apps and untrustworthy devices

Modules

The complete Threat Hunting Framework (THF) solution includes the following modules:

Managed Detection & Response 24/7

CERT-GIB

  • Alert monitoring
  • Remote response
  • Anomaly analysis
  • Incident management
  • Threat Hunting
  • Critical threat analysis

Detecting Infrastructure Management & Data Analysis

Huntbox

Collaborative Hunting & Response Platform

  • External Threat Hunting
  • Correlation & attribution
  • Data storage
  • Event analysis
  • Internal Threat Hunting
  • Retrospective analysis
  • Module management
  • Single interface

Attack Detection & Prevention

Sensor

Network Research & Protection

  • Traffic analysis
  • File extraction
  • Anomaly detection

Polygon

Malware Detonation & Research

  • Isolated environment
  • File analysis
  • Link analysis

Huntpoint

Behaviour Inspection & Host Forensics

  • Event logging
  • Retrospective analysis
  • Threat detection
  • Response at hosts

Sensor Industrial

Analysis of industrial control systems

  • Traffic analysis
  • Support for industrial protocols
  • Collection of information on firmware versioning
  • Software integrity control

Decryptor

Decrypting TLS/SSL traffic in the protected infrastructure

For additional information, please visit: https://www.group-ib.com/threat-hunting-framework.html
