SECURITY
SECURITY
SECURITY
Intel 471 introduces Guided Threat Hunts to streamline advanced threat detection
Intelligence-driven cybersecurity company Intel 471 Inc. today announced the launch of Guided Threat Hunts, a new method driven tool that gives threat hunters capabilities to craft their own queries and filters to better identify sophisticated threat behaviors that evade traditional detection methods.
Guided Threat Hunts, offered as part of the company’s HUNTER solution, allow analysts to use Pivot Queries to ask intelligent follow-up questions on initial threat hunt searches within their own security platforms. Additionally, analysts can also use Filter Queries to cut through the noise of query results.
Intel 471’s library of intelligence-driven threat hunt packages already addresses more than 80% of advanced threats, but with the new enhancement, which leverages information across the company’s cyber intelligence platform, hunt teams can cover down the last 20% of their organization’s unique risk. The functionality equips hunters with the relevant information and context needed to capture critical data inputs, such as hostnames, process names and process IDs, to quickly find, neutralize and report undetected threats.
“Threat hunt teams are constantly tasked with sifting through large datasets or collecting data to support a hypothesis on a specific threat. This presents a challenge for organizations experiencing persistent shortages of seasoned threat hunters or skills gaps among available analysts,” said Chief Executive Jason Passwaters. “Effective threat hunting is a priority in today’s cyberthreat landscape and Intel 471 is dedicated to providing threat hunt teams with the tools they need to grow their skills and expand their threat hunting programs to better defend their organizations.”
Pivot Queries allow threat hunters to explore multiple investigative paths by asking intelligent follow-up questions related to their initial search. The capability helps analysts dive deeper into notable artifacts uncovered during the initial hunt and provides expert guidance on how to proceed with further investigation.
Filter Queries, on the other hand, allow users to refine their original search by incorporating exclusions that reduce noise from large datasets and irrelevant results. The customization helps tailor queries to specific environments, making threat hunting more precise and manageable.
Guided Threat Hunts can be implemented across major security extended detection and response platforms. By allowing threat hunt teams to implement standard operating procedures that align with their team’s methodology for structured threat hunts, practitioners are said by Intel 471 to be able to promote more accurate and effective hunts while also lowering the costs of onboarding new threat hunters.
Image: SiliconANGLE/Reve
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
