The XDR your SOC Needs

Hunters’ XDR elevates security stacks to detect threats at greater depth and scope, transforming petabytes of organizational data into attack findings.

Detection and Response at an Attacker's Pace


Flexible Ingestion (data scale: PB)

Hunters.AI uses its cloud connectors to pipe into existing data sources and security products from all across the network, cloud, endpoint, and even SIEM. Easily connect data to start generating insights.

Threat Signal Extraction (data scale: 1000s)

Hunters.AI extracts threat signals and alerts from petabytes of existing security data using a stream processing analytics technology. It enables near real-time processing and complex analytics. Threat signal extraction is guided by Hunters’ TTP-based attack intel, which is also mapped onto the MITRE ATT&CK framework.


Investigation and Scoring (data scale: 100s)

In order to contextualize and utilize weak or noisy threat signals, Hunters.AI performs autonomous investigations. It automatically extracts the features and entities that were involved in a specific suspicious activity and leverages ML to score them.

Correlation (data scale: 10s)

Hunters' XDR loads investigated threat signals into a graph populated with relevant entities and relationships. It then uses unsupervised learning to correlate them across disparate areas of dense suspicious activity (e.g. a suspected phishing email followed by malware downloads seen on the gateway and EDR).
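The graph-based correlation idea described above, shown as an added toy example rather than Hunters' own implementation: each threat signal is linked to the entities it touched (user, host, domain, file hash), connected components of that bipartite graph become candidate stories, and a component only qualifies when its signals come from at least two different telemetry sources. The signal records, entity names, source labels and the noisy-OR scoring rule are all constructed for this illustration and are not from the page.

```python
"""Toy graph-based correlation of weak threat signals into attack stories.

Added illustration, not Hunters' code. All signals below are constructed
sample data: a suspected phishing email (gateway), a download from the same
domain (proxy) and an unsigned binary executing on the same host (EDR),
plus two unrelated signals that should remain isolated noise.
"""
from collections import defaultdict
from math import prod

SIGNALS = [
    {"id": "s1", "ts": 1, "source": "email_gateway", "kind": "suspected_phishing",
     "score": 0.3, "entities": {("user", "alice"), ("domain", "login-portal.example")}},
    {"id": "s2", "ts": 2, "source": "proxy", "kind": "download_from_new_domain",
     "score": 0.2, "entities": {("user", "alice"), ("host", "WS-017"),
                                ("domain", "login-portal.example")}},
    {"id": "s3", "ts": 3, "source": "edr", "kind": "unsigned_binary_executed",
     "score": 0.4, "entities": {("host", "WS-017"), ("hash", "sha256:CONSTRUCTED-A")}},
    # Isolated EDR signal on another host: shares no entity with the chain above.
    {"id": "s4", "ts": 4, "source": "edr", "kind": "unsigned_binary_executed",
     "score": 0.4, "entities": {("host", "WS-042"), ("hash", "sha256:CONSTRUCTED-B")}},
    # Single-source noise: a VPN login from a new location for an unrelated user.
    {"id": "s5", "ts": 5, "source": "vpn", "kind": "login_new_geo",
     "score": 0.1, "entities": {("user", "bob")}},
]


def build_graph(signals):
    """Bipartite adjacency: ("signal", id) nodes on one side, entity tuples on the other."""
    adj = defaultdict(set)
    for s in signals:
        node = ("signal", s["id"])
        for ent in s["entities"]:
            adj[node].add(ent)
            adj[ent].add(node)
    return adj


def connected_components(adj):
    """Iterative DFS; returns a list of node sets, one per component."""
    seen, comps = set(), []
    for start in adj:
        if start in seen:
            continue
        comp, stack = set(), [start]
        while stack:
            n = stack.pop()
            if n in seen:
                continue
            seen.add(n)
            comp.add(n)
            stack.extend(adj[n] - seen)
        comps.append(comp)
    return comps


def correlate(signals, min_sources=2):
    """Turn components that span at least `min_sources` telemetry sources into stories.

    Story score is a noisy-OR of the member signal scores: the chance that at
    least one of the weak signals is a true positive, assuming independence.
    """
    by_id = {s["id"]: s for s in signals}
    stories = []
    for comp in connected_components(build_graph(signals)):
        members = sorted((by_id[n[1]] for n in comp if n[0] == "signal"),
                         key=lambda s: s["ts"])
        sources = {s["source"] for s in members}
        if len(sources) < min_sources:
            continue  # single-source components stay as plain signals
        stories.append({
            "signals": [s["id"] for s in members],
            "sources": sources,
            "path": [s["kind"] for s in members],  # attack outline in time order
            "entities": {e for s in members for e in s["entities"]},
            "score": round(1 - prod(1 - s["score"] for s in members), 3),
        })
    return sorted(stories, key=lambda st: -st["score"])


if __name__ == "__main__":
    for story in correlate(SIGNALS):
        print(story["score"], " -> ".join(story["path"]), sorted(story["sources"]))
```

With the constructed input only one story survives: the phishing, download and execution signals share `alice`, `login-portal.example` and `WS-017`, so they collapse into a single finding spanning three sources, while the other two signals never reach the story stage.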


Actionable Attack Stories (data scale: 1s)

Hunters’ Attack Stories include a full attack summary and outline, with details such as context, path, target and potential impact. Attack Stories are pushed to customers as high-confidence findings which can be escalated to the SOC leveraging existing workflows (e.g., SIEM, SOAR, ticketing systems, etc.).

Use Cases

1. Create an account on Hunters’ cloud platform.
2. Connect your stack with a few simple clicks.
3. Gain access to Hunters’ Knowledge Graph to:

Use Case 1: Triage Automation
Use Hunters.AI scoring and prioritization to reduce detection and triage time.

Use Case 2: Incident Response
Expedite incident response by uncovering root cause analysis, and gain unprecedented risk awareness and insights into multi-surface incidents.

Use Case 3: Threat Hunting
Improve sophisticated threat hunting quests by leveraging Hunters' detections of weak threat signals that bypass siloed organizational defenses.

Optional managed Threat Hunting and IR services


Competitive Comparison

| Category | Capability | SIEM | Single-Vendor XDR | Best-of-Breed XDR |
| --- | --- | --- | --- | --- |
| Ingestion | Cloud based and scalable | No | Yes | Yes |
| Ingestion | Data sources support | Limited analysis support to a variety of data sources | Good analysis support for a vendor-limited products group | Deep analysis across 7 best-of-breed product categories, APIs and static tables |
| Ingestion | Data sources ingestion | Hard; requires extensive implementation | Easy | Easy; a few clicks via a SaaS |
| Detection | Out-of-the-box detectors and alerts | No. Limited to a set of generic use cases; requires extensive implementation | No. Limited to vendor stack | Yes. Out-of-the-box detectors; no implementation or tuning needed |
| Detection | Detector updates | No. Requires daily efforts from engineering and SOC analysts | Yes | Yes. Continuously updating and adding detectors according to the latest attacks and threat analysis |
| Detection | Attack surface coverage | Limited coverage, minimal cloud coverage | Extended coverage, vendor-limited | Multiple attack surfaces covered: enterprise network, cloud environments, endpoint, SaaS, and more |
| Investigation | Automatic investigation | No. Manual | Yes. Limited to vendor-specific products | Yes. Out-of-the-box enrichments and investigation playbooks |
| Investigation | Scoring of threat signals | No. Manual daily triage of hundreds of alerts and false positives | Yes | Yes. ML-based scoring points to the interesting threat signals |
| Correlation | Threat signals correlation | No. Log correlation only; limited because different logs use different semantics | Partial | Yes. Recursively extracting entities and correlating them on a graph to find highly suspicious attack stories |
| Correlation | Weak signals coverage | Included with no context | Not necessarily included | Included and contextualized |
| Packaging | Alerting | Many alerts and false positives | Fewer alerts | No singular alerts; highly correlated findings |
| Packaging | High fidelity incidents | Not included | Not included | Included |
| Packaging | Cost | Based on data volumes. Requires hiring | Based on storage. Premium pricing from existing products | Fixed charge. Does not require hiring |
