The XDR Your SOC Needs

Hunters XDR elevates security stacks to detect threats at greater depth and scope, transforming petabytes of organizational data into attack findings.

Detection and Response at an Attacker's Pace

Flexible Ingestion

Hunters XDR uses cloud connectors to ingest from existing data sources and security products across the network, cloud, endpoints and even the SIEM. Connect data easily to start generating insights.
Funnel counter: PB

Threat Signal Extraction

Hunters extracts threat signals and alerts from petabytes of existing security data using stream-processing analytics, which enables near-real-time processing and complex analytics. Signal extraction is guided by Hunters' TTP-based attack intelligence, which is also mapped to the MITRE ATT&CK framework.
Funnel counter: 1000s

Investigation and Scoring

To contextualize and make use of weak or noisy threat signals, Hunters XDR performs autonomous investigations: it automatically extracts the features and entities involved in a given suspicious activity and uses ML to score them.
Funnel counter: 100s

Correlation

Hunters XDR loads investigated threat signals into a graph populated with the relevant entities and relationships, then uses unsupervised learning to correlate them across disparate areas of dense suspicious activity (e.g. a suspected phishing email followed by malware downloads observed at the gateway and on EDR).
Funnel counter: 10s

Actionable Attack Stories

Hunters' Attack Stories include a full attack summary and outline, with details such as context, path, target and potential impact. Attack Stories are pushed to customers as high-confidence findings that can be escalated to the SOC through existing workflows (e.g. SIEM, SOAR, ticketing systems).
Funnel counter: 1s
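The pipeline described above (score each weak signal, join signals on a graph of shared entities, emit a correlated attack story) as an added illustration in Python. This is not Hunters' code and says nothing about how Hunters XDR implements any of these steps; the signal schema, the shared-entity join rule, the hub cutoff, the noisy-OR confidence score and the 0.7 reporting threshold are all assumptions made for the example, and the five signals are constructed, not real telemetry.

```python
"""Entity-graph correlation of weak threat signals into an attack story.

Added illustration, not Hunters' code. The signal schema, the join rule,
the hub cutoff and the noisy-OR scoring below are assumptions for the example.
"""
from collections import defaultdict
from math import prod

# Constructed sample signals from three products. Scores are per-signal
# confidences in [0, 1]; none of them would be worth paging on alone.
SIGNALS = [
    {"id": "sig-1", "source": "email-gateway", "ts": "2024-01-08T09:02:00Z",
     "ttp": "T1566.001 Spearphishing Attachment", "score": 0.35,
     "entities": {("user", "alice"), ("sender", "billing@example.invalid"),
                  ("hash", "aa11")}},
    {"id": "sig-2", "source": "proxy", "ts": "2024-01-08T09:05:00Z",
     "ttp": "T1105 Ingress Tool Transfer", "score": 0.30,
     "entities": {("user", "alice"), ("host", "ws-017"),
                  ("domain", "cdn.example.invalid")}},
    {"id": "sig-3", "source": "edr", "ts": "2024-01-08T09:06:30Z",
     "ttp": "T1204.002 Malicious File", "score": 0.50,
     "entities": {("user", "alice"), ("host", "ws-017"), ("hash", "bb22")}},
    {"id": "sig-4", "source": "edr", "ts": "2024-01-08T09:07:00Z",
     "ttp": "T1059.001 PowerShell", "score": 0.40,
     "entities": {("host", "ws-017"), ("process", "powershell.exe")}},
    # Unrelated low-confidence signal on another host; shares no entity above.
    {"id": "sig-5", "source": "proxy", "ts": "2024-01-08T14:40:00Z",
     "ttp": "T1071.001 Web Protocols", "score": 0.20,
     "entities": {("host", "srv-db-2"), ("domain", "updates.example.invalid")}},
]


def _find(parent, x):
    # Union-find root lookup with path halving.
    while parent[x] != x:
        parent[x] = parent[parent[x]]
        x = parent[x]
    return x


def _union(parent, a, b):
    ra, rb = _find(parent, a), _find(parent, b)
    if ra != rb:
        parent[rb] = ra


def correlate(signals, hub_cutoff=10):
    """Group signals that share at least one entity into connected components.

    An entity seen in more than `hub_cutoff` signals is treated as a hub and
    not used for joining: a domain controller or a shared service account
    would otherwise glue unrelated activity into one blob.
    """
    by_entity = defaultdict(list)
    for sig in signals:
        for ent in sig["entities"]:
            by_entity[ent].append(sig["id"])
    parent = {sig["id"]: sig["id"] for sig in signals}
    for ids in by_entity.values():
        if len(ids) > hub_cutoff:
            continue
        for other in ids[1:]:
            _union(parent, ids[0], other)
    groups = defaultdict(list)
    for sig in signals:
        groups[_find(parent, sig["id"])].append(sig)
    return list(groups.values())


def story_score(group):
    """Noisy-OR: several independent weak signals raise confidence together."""
    return 1.0 - prod(1.0 - s["score"] for s in group)


def build_stories(signals, hub_cutoff=10, min_score=0.7):
    """Turn correlated groups into attack stories above a confidence threshold."""
    stories = []
    for group in correlate(signals, hub_cutoff):
        group.sort(key=lambda s: s["ts"])  # ISO-8601 Z timestamps sort lexically
        score = story_score(group)
        if score < min_score:
            continue  # isolated weak signals stay as context, not findings
        stories.append({
            "score": round(score, 4),
            "signals": [s["id"] for s in group],
            "sources": sorted({s["source"] for s in group}),
            "path": [s["ttp"] for s in group],
            "entities": sorted({e for s in group for e in s["entities"]}),
            "first_seen": group[0]["ts"],
            "last_seen": group[-1]["ts"],
        })
    stories.sort(key=lambda st: st["score"], reverse=True)
    return stories


if __name__ == "__main__":
    for story in build_stories(SIGNALS):
        print(f"score={story['score']} sources={story['sources']}")
        print("  path:", " -> ".join(story["path"]))
```

With the constructed input, the four signals around user alice and host ws-017 collapse into one story scored 0.8635, while the lone proxy signal on srv-db-2 (0.2) never reaches the reporting threshold. Lowering `hub_cutoff` to 2 makes both the user and the host hub entities, the join disappears and no story is produced, which is the trade-off a real correlation engine has to tune.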

Use Cases

01  Create an account on Hunters' open XDR platform
02  Connect your stack with a few simple clicks
03  Gain access to Hunters' Knowledge Graph to:

USE CASE 1
Triage Automation
Use Hunters' scoring and prioritization to reduce detection and triage time.

USE CASE 2
Incident Response
Expedite incident response by surfacing the root cause, and gain risk awareness and insight into multi-surface incidents.

USE CASE 3
Threat Hunting
Improve sophisticated threat hunts by leveraging Hunters' detection of weak threat signals that bypass siloed organizational defenses.

Optional managed Threat Hunting and IR services

Competitive Comparison

Columns: SIEM / Single-vendor (closed) XDR / Hunters open XDR

Ingestion

Cloud based and scalable
  SIEM: No
  Single-vendor XDR: Yes
  Hunters open XDR: Yes

Data sources support
  SIEM: Limited analysis support for a variety of data sources
  Single-vendor XDR: Good analysis support for a vendor-limited group of products
  Hunters open XDR: Deep analysis across 7 best-of-breed product categories, APIs and static tables

Data sources ingestion
  SIEM: Hard; requires extensive implementation
  Single-vendor XDR: Easy
  Hunters open XDR: Easy; a few clicks via SaaS

Detection

Out-of-the-box detectors and alerts
  SIEM: No. Limited to a set of generic use cases; requires extensive implementation
  Single-vendor XDR: No. Limited to the vendor's stack
  Hunters open XDR: Yes. Out-of-the-box detectors; no implementation or tuning needed

Detector updates
  SIEM: No. Requires daily effort from engineering and SOC analysts
  Single-vendor XDR: Yes
  Hunters open XDR: Yes. Detectors are continuously updated and added according to the latest attacks and threat analysis

Attack surface coverage
  SIEM: Limited coverage; minimal cloud coverage
  Single-vendor XDR: Extended coverage, vendor-limited
  Hunters open XDR: Multiple attack surfaces: enterprise network, cloud environments, endpoint, SaaS and more

Investigation

Automatic investigation
  SIEM: No. Manual
  Single-vendor XDR: Yes. Limited to vendor-specific products
  Hunters open XDR: Yes. Out-of-the-box enrichments and investigation playbooks

Scoring of threat signals
  SIEM: No. Manual daily triage of hundreds of alerts and false positives
  Single-vendor XDR: Yes
  Hunters open XDR: Yes. ML-based scoring points to the interesting threat signals

Correlation

Threat signal correlation
  SIEM: No. Log correlation only; limited because different logs use different semantics
  Single-vendor XDR: Partial
  Hunters open XDR: Yes. Recursively extracts entities and correlates them on a graph to find highly suspicious attack stories

Weak signal coverage
  SIEM: Included, with no context
  Single-vendor XDR: Not necessarily included
  Hunters open XDR: Included and contextualized

Packaging

Alerting
  SIEM: Many alerts and false positives
  Single-vendor XDR: Fewer alerts
  Hunters open XDR: No singular alerts; highly correlated findings

High-fidelity incidents
  SIEM: Not included
  Single-vendor XDR: Not included
  Hunters open XDR: Included

Cost
  SIEM: Based on data volumes; requires hiring
  Single-vendor XDR: Based on storage; premium pricing on top of existing products
  Hunters open XDR: Fixed charge; does not require hiring

Want to learn more? Watch a demo
