Hunters Announces New Open XDR Capabilities Making it the Leading SIEM Alternative

An example of an Auto-Investigation for an “AWS Console Login from Host without an EDR Agent” alert.

Hunters XDR Custom Detections (or “Rule-Writing” 2.0)

A Custom Detection in the Hunters’ portal to detect rundll32.exe processes.

Hunters XDR Custom Reporting

An example of a Custom Widget for Alerts SLA.

Hunters XDR Dashboard

An example of a CISO Custom Dashboard.

LAS VEGAS, Aug. 03, 2021 (GLOBE NEWSWIRE) -- Black Hat USA 2021 -- Hunters, the leading Open Extended Detection and Response (XDR) platform, announced today a set of capabilities that further strengthen its position as the leading alternative to SIEM for organizations that seek to accelerate their incident detection, investigation and response.

“The new capabilities further position Hunters as a platform of choice by customers looking to replace their SIEM with a modern XDR platform that is built for the security needs of today’s enterprise,” said Noam Biran, vice president of product at Hunters. “Hunters XDR is becoming a central tool for security operations, used by some of the world’s largest organizations to connect telemetry from their entire security and IT environment, automatically turning signals into a cohesive view of real incidents, with context, in order to drive a rapid, effective SOC response.”

To learn how NETGEAR used Hunters to replace its SIEM, join a FREE Lunch and Learn as part of the Virtual Black Hat 2021 conference, Thursday, August 5th, 2021, 12:20-1:00 pm PT / 3:20-4:00 pm EST. Step 1: Sign up for Black Hat with a 'Free Business Pass'; Step 2: Register for the Lunch and Learn.

Enhanced Automatic Investigations

One of the most critical gaps organizations face in their Threat Detection and Incident Response program is the complexity of incident investigation. While security teams have deployed a variety of tools and sensors (e.g., EDR, NDR, cloud security, email security, identity and others) that alert on suspicious behaviors, connecting the dots into a coherent view of an incident is a lengthy and usually complex process for security analysts, and it has to happen before the incident can be contained and remediated.

The process of manually stitching together siloed threat signals is extremely time-consuming, often frustrating, and in many cases inaccurate, because alerts arrive without context and correctly linking seemingly unrelated signals requires specialized skills.

Hunters XDR changes the paradigm of incident detection. While other solutions deploy a variety of mechanisms to filter out noise, Hunters technology does the opposite: it amplifies true positive signals through its dynamic scoring and automatic investigation mechanism.

The Hunters XDR automatic investigation capability eliminates the need to sift through hundreds or thousands of daily alerts, giving security analysts more time to work strategically. A new upgrade to this capability provides even more context to enable more thorough and effective understanding and triage. Every alert in the Hunters platform is now enriched with additional supporting data correlated with information from external sources. To do so, investigations now focus on the key entities involved in a specific activity and automatically provide explanations and insights on what happened.

Auto-Investigations are grouped by the key entities related to the alert, such as host, person and process, each with its own attributes, enrichments and activity data. This grouping supports a deeper understanding of how the entities relate to one another and, as a result, of whether the alert is malicious.

Learn more about Hunters’ Auto-Investigation and Scoring mechanisms in our recent blog.

Custom Detections (or “Rule-Writing” 2.0)

Hunters XDR’s pre-built detections provide comprehensive coverage out of the box, but customers can also add their own detection logic to the platform and query the data without writing a single line of SQL.

The rule-writing approach to detection that legacy SIEMs employ is cumbersome, noisy and inefficient. Since no one knows an organization’s security ecosystem better than its own SOC team, the ability to customize detections for that specific environment, on top of all of Hunters’ out-of-the-box TTP-based detections, is a key advantage.

With Custom Detections, users can add their own detection logic on top of the ingested and normalized data, either by defining their own detection rules or by importing logic from external public repositories, and the platform applies that logic to the ingested data. As part of the Custom Detections feature, users can also define the base score, the associated MITRE ATT&CK TTPs and other metadata. The rest of the Hunters XDR pipeline applies to Custom Detections as well: signals and leads generated by these detections are automatically investigated, scored, cross-correlated and presented to the user with comprehensive context.

Dashboards & Reporting

The Hunters XDR Dashboard and Reporting capabilities allow security teams to use Hunters’ data (alerts, leads, MITRE ATT&CK TTPs, etc.) as well as raw data from the security data lake to create custom dashboards to visualize SOC metrics, monitor activity in the network, analyze threat trends and track the organization's security posture.

Users can generate and share reports with peers and with other functions of the organization.

Dashboarding can be used for these purposes and many others:

  • Monitoring security team operations

  • Tracking security threat trends

  • CISO KPIs dashboard

  • Executive IT-Security reports

  • Organization security posture tracking

  • IT-Security visibility

About Hunters

Hunters XDR is a turn-key data and security platform powering effective detection and rapid response to security incidents. Ideal for security operations teams working to contain technology sprawl, adapt to cloud scale and extend the value of existing data streams, Hunters’ Open XDR is adopted as a modern SIEM replacement by the world’s largest enterprises. Hunters is backed by leading VCs and strategic investors including Snowflake, Okta, Microsoft M12, YL Ventures and USVP.

CONTACT:
Deb Montner, Montner Tech PR
(203) 226-9290
dmontner@montner.com

Photos accompanying this announcement are available at

https://www.globenewswire.com/NewsRoom/AttachmentNg/0c138602-67d9-414e-8302-798a9b2e0e59

https://www.globenewswire.com/NewsRoom/AttachmentNg/8d7be382-1405-40a4-9788-4de52fa36765

https://www.globenewswire.com/NewsRoom/AttachmentNg/e6575079-2246-45e8-86c3-47677d0bf809

A video accompanying this announcement is available at: https://www.globenewswire.com/NewsRoom/AttachmentNg/05db8786-0ff9-40dd-8738-7820b82d8469