LAS VEGAS, Aug. 03, 2021 (GLOBE NEWSWIRE) -- Black Hat USA 2021 -- Hunters, the leading Open Extended Detection and Response (XDR) platform, announced today a set of capabilities that further strengthen its position as the leading alternative to SIEM for organizations that seek to accelerate their incident detection, investigation and response.
“The new capabilities further position Hunters as a platform of choice by customers looking to replace their SIEM with a modern XDR platform that is built for the security needs of today’s enterprise,” said Noam Biran, vice president of product at Hunters. “Hunters XDR is becoming a central tool for security operations, used by some of the world’s largest organizations to connect telemetry from their entire security and IT environment, automatically turning signals into a cohesive view of real incidents, with context, in order to drive a rapid, effective SOC response.”
To learn how NETGEAR used Hunters to replace its SIEM, join a FREE Lunch and Learn as part of the Virtual Black Hat 2021 conference, Thursday, August 5th, 2021, 12:20-1:00 pm PT / 3:20-4:00 pm EST. Step 1: Sign up for Black Hat with the 'Free Business Pass'; Step 2: Register for the Lunch and Learn.
Enhanced Automatic Investigations
One of the most critical gaps organizations face in their Threat Detection and Incident Response program is the complexity of incident investigation. While security teams have deployed a variety of tools and sensors (e.g., EDR, NDR, Cloud security, Email security, Identity and others) that alert on suspicious behaviors, it takes a lengthy and usually complex process for security analysts to connect the dots and form a coherent view of an incident before being able to contain and remediate it.
The process of manually stitching together siloed threat signals is extremely time-consuming, often frustrating, and in many cases inaccurate, because alerts arrive without context and correctly linking seemingly unrelated signals takes skills that are in short supply.
Hunters XDR changes the paradigm of incident detection. While other solutions deploy a variety of mechanisms to filter out noise, Hunters technology does the opposite - it amplifies true positive signals through its dynamic scoring and automatic investigation mechanism.
The Hunters XDR automatic investigation capability eliminates the need to sift through hundreds or thousands of daily alerts, giving security analysts more time to work strategically. A new upgrade to this capability provides even more context to enable a more thorough and effective understanding and triage. Every alert in the Hunters platform is now enriched with additional supporting data correlated with information from external sources. In order to do so, investigations now focus on the key entities involved in a specific activity and automatically provide explanations and insights on what happened.
Auto-Investigations are grouped by the key entities related to the alert, such as host, person and process. Each entity carries its own attributes, enrichments and activity data, which gives a deeper understanding of how the entities relate to one another and, as a result, of whether the alert is malicious.
Learn more about Hunters’ Auto-Investigation and Scoring mechanisms in our recent blog.
Custom Detections (or “Rule-Writing” 2.0)
Hunters XDR’s pre-built detections provide comprehensive coverage out-of-the-box, but customers can also add their own detection logic into the platform to easily query the data without writing a single line of SQL.
The rule-writing approach that legacy SIEMs employ for detection is cumbersome, noisy and inefficient. Since no one knows an organization's security ecosystem better than its own SOC team, the ability to add detections tailored to that environment on top of Hunters' out-of-the-box TTP-based detections is a key advantage.
With Custom Detections, users add their own detection logic on top of the ingested and normalized data, either defining their own detection rules or reusing logic taken from external public repositories, and the platform applies that logic to the ingested data. As part of the Custom Detections feature, users can also define the base score, associated MITRE ATT&CK TTPs and other metadata. Custom Detections flow through the same Hunters XDR pipeline as the built-in detections: signals and leads they generate are automatically investigated, scored, cross-correlated and presented to the user with comprehensive context.
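The two capabilities described above, entity-centric Auto-Investigation and Custom Detections carrying a base score and ATT&CK metadata, can be illustrated with a small, self-contained model of the pipeline. The following is an added example and not Hunters' code: the normalized event schema, the Rule shape, the scoring weights (base score plus a corroboration bonus per additional telemetry source) and the sample events are all assumptions made for the illustration; the ATT&CK technique IDs are a plausible mapping chosen for the example rules.

```python
"""Entity-centric correlation of detection signals (added illustration).

This is not Hunters' code. The normalized event schema, the Rule shape,
the scoring weights and the sample events below are all assumptions
made for the example.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple


@dataclass(frozen=True)
class Rule:
    """A custom detection: a predicate plus the metadata an analyst attaches."""
    name: str
    base_score: int
    mitre_ttps: Tuple[str, ...]          # ATT&CK technique IDs, illustrative mapping
    predicate: Callable[[dict], bool]


# Constructed sample of already-normalized telemetry from several sources.
EVENTS: List[dict] = [
    {"source": "identity", "event": "login", "user": "alice", "host": "WS-42",
     "geo": "new_country", "ts": 100},
    {"source": "email", "event": "attachment_opened", "user": "alice", "host": "WS-42",
     "sender_domain": "unknown", "ts": 120},
    {"source": "edr", "event": "process_start", "user": "alice", "host": "WS-42",
     "process": "powershell.exe", "parent": "winword.exe", "ts": 130},
    {"source": "edr", "event": "process_start", "user": "bob", "host": "WS-07",
     "process": "powershell.exe", "parent": "explorer.exe", "ts": 200},
]

# Custom detections expressed as plain predicates over normalized fields (no SQL).
RULES: List[Rule] = [
    Rule("login_from_new_geo", 20, ("T1078",),
         lambda e: e["event"] == "login" and e.get("geo") == "new_country"),
    Rule("attachment_from_unknown_sender", 15, ("T1566.001",),
         lambda e: e["event"] == "attachment_opened" and e.get("sender_domain") == "unknown"),
    Rule("office_spawns_shell", 40, ("T1204.002",),
         lambda e: e["event"] == "process_start" and e.get("parent") == "winword.exe"),
]

ENTITY_KEYS = ("host", "user", "process")
CORROBORATION_BONUS = 10   # assumed: per additional distinct telemetry source on an entity


def run_detections(events: List[dict], rules: List[Rule]) -> List[dict]:
    """Apply every rule to every event; each hit becomes a signal with its base score."""
    signals = []
    for event in events:
        for rule in rules:
            if rule.predicate(event):
                signals.append({"rule": rule.name, "score": rule.base_score,
                                "ttps": rule.mitre_ttps, "event": event})
    return signals


def group_by_entity(signals: List[dict]) -> Dict[Tuple[str, str], List[dict]]:
    """Attach each signal to every entity it mentions (host, user, process)."""
    groups: Dict[Tuple[str, str], List[dict]] = defaultdict(list)
    for signal in signals:
        for key in ENTITY_KEYS:
            value = signal["event"].get(key)
            if value:
                groups[(key, value)].append(signal)
    return dict(groups)


def score_entity(signals: List[dict]) -> int:
    """Sum base scores, then reward agreement between independent telemetry sources."""
    sources = {s["event"]["source"] for s in signals}
    return sum(s["score"] for s in signals) + CORROBORATION_BONUS * (len(sources) - 1)


def investigate(events: List[dict], rules: List[Rule]) -> Dict[Tuple[str, str], dict]:
    """Build one entity-centric summary per host/user/process that has signals."""
    summaries = {}
    for entity, signals in group_by_entity(run_detections(events, rules)).items():
        ordered = sorted(signals, key=lambda s: s["event"]["ts"])
        summaries[entity] = {
            "score": score_entity(ordered),
            "rules": [s["rule"] for s in ordered],
            "ttps": sorted({t for s in ordered for t in s["ttps"]}),
            "sources": sorted({s["event"]["source"] for s in ordered}),
            "timeline": [(s["event"]["ts"], s["event"]["event"]) for s in ordered],
        }
    return summaries


if __name__ == "__main__":
    ranked = sorted(investigate(EVENTS, RULES).items(), key=lambda kv: -kv[1]["score"])
    for (kind, name), summary in ranked:
        print(f"{kind}={name}: score {summary['score']}, rules {summary['rules']}, "
              f"sources {summary['sources']}")
```

Run stand-alone, the three signals on alice's workstation converge on the same host and user entities, which score highest because identity, email and EDR telemetry corroborate each other; bob's benign PowerShell launch matches no rule and never becomes an entity, so an analyst sees one investigation rather than three unrelated alerts.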
Dashboards & Reporting
The Hunters XDR Dashboard and Reporting capabilities allow security teams to use Hunters’ data (alerts, leads, MITRE ATT&CK TTPs, etc.) as well as raw data from the security data lake to create custom dashboards to visualize SOC metrics, monitor activity in the network, analyze threat trends and track the organization's security posture.
Users can generate and share reports with peers and with other functions of the organization.
Dashboarding can be used for these purposes and many others:
- Monitoring security team operations
- Tracking security threat trends
- CISO KPIs dashboard
- Executive IT-Security reports
- Organization security posture tracking
- IT-Security visibility
About Hunters
Hunters XDR is a turn-key data and security platform powering effective detection and rapid response to security incidents. Ideal for security operations teams working to contain technology sprawl, adapt to cloud scale and extend the value of existing data streams, Hunters' Open XDR is adopted as a modern SIEM replacement by the world’s largest enterprises. Hunters is backed by leading VCs and strategic investors including Snowflake, Okta, Microsoft M12, YL Ventures and USVP.
CONTACT:
Deb Montner, Montner Tech PR
(203) 226-9290
dmontner@montner.com
Photos accompanying this announcement are available at
https://www.globenewswire.com/NewsRoom/AttachmentNg/0c138602-67d9-414e-8302-798a9b2e0e59
https://www.globenewswire.com/NewsRoom/AttachmentNg/8d7be382-1405-40a4-9788-4de52fa36765
https://www.globenewswire.com/NewsRoom/AttachmentNg/e6575079-2246-45e8-86c3-47677d0bf809
A video accompanying this announcement is available at: https://www.globenewswire.com/NewsRoom/AttachmentNg/05db8786-0ff9-40dd-8738-7820b82d8469