Proactive Hunting with Intezer


Assume Breach. Time to Hunt.

Advanced attacks like the SolarWinds backdoor are on the rise, while preventive solutions have failed to detect them. It’s critical to assume breach and search for any traces of malicious code running in your network, even without getting an alert from your EDR.  

Intezer can help you conduct immediate and/or periodic Proactive Hunting operations by scanning memory for malicious code across all your endpoints.

  • What is Proactive Hunting?
  • Proactive Hunting is a one-time or periodic scan of your endpoints to identify traces of threats across the network without waiting for an alert from your existing detection systems.

    It is done by running a standalone executable (no installation), which scans the memory of your endpoints to look for any application that shares even the smallest amount of code with any malware or previously known threat.

  • Does this replace my antivirus or endpoint protection solution?
  • No, Proactive Hunting is a second line of defense. Assuming any protection system can fail, you might have malicious activities dwelling in your network. Intezer inspects for malicious code similarities in-memory, which isn’t done by standard real-time security products.

  • Can I use it to detect SUNBURST code in my network?
  • Yes, Intezer detects any process, application or memory injection that has code similarities with any cyber threat seen in history, including the SUNBURST attack and other high-profile nation-state APTs.

    Intezer was the first to detect high-profile attacks including WannaCry, Turla, and APT28.

  • How do I deploy the In-Memory Hunter across my network?
  • Memory scanning is done using a lightweight memory scanner—a standalone executable that doesn’t require installation and runs in user mode. 

    The scan takes several minutes for each endpoint and can run simultaneously on multiple endpoints. Scan results are available through Intezer’s web interface.

  • How much does it cost? 
  • Pricing is based on the number of endpoints to scan and starts from $10/endpoint per year.

  • How can I get started?
  • Please provide your contact details below and we will contact you ASAP.


    © Intezer.com 2021 All rights reserved