Threat Hunting Framework
A unified proprietary platform of intelligent detection technologies to allow for effective response and mitigation.
Highly Effective Monitoring Tool
- Detection of previously unknown threats based on Threat Intelligence & Attribution data. Proactive search for anomalies, hidden tunnels, and signs of communications with C&C servers.
- Automated correlation of events and alerts, and subsequent attribution to malware type and/or threat actor
- Global proactive threat hunting that exposes adversaries’ external infrastructure, TTPs, intent, and plans
- Proprietary tools – Network graph analysis and malware detonation platform provide data enrichment, correlations, and analysis
- Full overview of the attack and in-depth incident management (down to mutexes, pipes, registry keys, and files)
Detection of Attacker Infrastructure on a Global Scale
Technology conceived to collect large amounts of data, combined with unique search algorithms designed to find connections and help detect infrastructure that hackers intend to use in future attacks.
- 4.2 billion IP addresses (daily scan of the entire IPv4 address range)
- 145 million SSH keys
- 211 million domains and archived data from the past 17 years
- 1.6 billion SSL certificates
Meeting Key Information Security Challenges
Protects corporate email from targeted phishing and messages containing malware
Protects the network perimeter, services, and user workstations from malware
Protects infrastructure from being controlled by external attackers
Secures file transfers from untrusted to trusted file storage
Detects network anomalies
Protects workstations and servers from potentially unwanted apps and untrustworthy devices
Modules
The complete Threat Hunting Framework (THF) solution includes the following modules:
Managed Detection & Response 24/7
CERT-GIB
- Alert monitoring
- Remote response
- Anomaly analysis
- Incident management
- Threat Hunting
- Critical threat analysis
Detecting Infrastructure Management & Data Analysis
Huntbox
Collaborative Hunting & Response Platform
- External Threat Hunting
- Correlation & attribution
- Data storage
- Event analysis
- Internal Threat Hunting
- Retrospective analysis
- Module management
- Single interface
Attacks Detection & Prevention
Sensor
Network Research & Protection
- Traffic analysis
- File extraction
- Anomaly detection
Polygon
Malware Detonation & Research
- Isolated environment
- File analysis
- Link analysis
Huntpoint
Behaviour Inspection & Host Forensics
- Event logging
- Retrospective analysis
- Threat detection
- Response at hosts
Sensor Industrial
Analysis of industrial control systems
- Traffic analysis
- Support for industrial protocols
- Collection of information on firmware versioning
- Software integrity control