Attacks can come from anywhere

Can you identify threats that don’t use known malware…


Proactive Threat Hunting

Threat hunting can reduce dwell time, the time between a breach and its discovery. Shortening that time can make the difference between spending a few thousand dollars on remediation and millions to deal with a full-on compromise.


Proactive Threat Hunting goes beyond the traditional SOC-based threat hunting activities by looking for threat indicators from systems which may not be sending their system logs or that are outside the scope of logging.

Proactive Threat Hunting requires toolsets and technology beyond what normal Security Operations maintain to perform their day-to-day threat monitoring and triage activities. When proactive methods and technologies are used, it can reduce false positives, enhance the accuracy and speed positive confirmation of threat analysis/response activities in the SOC.


ThreatWatch® Hunt integrates hunting toolsets and methods with Security On-Demand’s proprietary correlation and behavioral analysis capabilities, such as machine learning-based artificial intelligence and supervised learning models that use behavioral analysis of attack patterns.  As part of the service, SOD will:

  • Correlate such activity with logs, alerts, and other information received

  • Monitor the alerts, logs, and output provided by the advanced threat hunting activities

  • Validate the threat as part of the triage and investigation process

  • Tune and provide continual feedback to ensure that normal system behavior is baselined

Once an alert for a potential threat is received, the data is correlated with other security information and then our SOC team will respond to further triage and investigate the suspicious activity.
The ThreatWatch Hunt service conducts periodic scheduled scans of network devices.  Implants and threats discovered during a sweep initiate an alert to the ATLAS Analytics Platform. 

Companies that identified a breach in less than 100 days saved more than $1 million as compared to those that took more than 100 days. Similarly, companies that contained a breach in less than 30 days saved over $1 million as compared to those that took more than 30 days to resolve. (IBM 2018 Cost of Data Breach study)

Contact Us

We're threat hunting! Send us a quick email here and we will get back to you asap.

Not readable? Change text. captcha txt