Assume Breach. Time to Hunt.
Advanced attacks like the SolarWinds backdoor are on the rise, while preventive solutions have failed to detect them. It’s critical to assume breach and search for any traces of malicious code running in your network, even without getting an alert from your EDR.
Intezer can help you conduct immediate and/or periodical Proactive Hunting operations, by scanning in-memory for any malicious code across all your endpoints.
- What is Proactive Hunting?
- Does this replace my Antivirus or endpoint protection solution?
- Can I use it to detect SUNBURST code in my network?
- How do I deploy the In-Memory Hunter across my network?
- How much does it cost?
- How can I get started?
Proactive Hunting is a one-time or periodical scan of your endpoints, for the purpose of identifying traces of threats across the network without waiting for an alert from your existing detection systems.
It is done by running a standalone executable (no installation), which scans the memory of your endpoints to look for any application that shares even the smallest amount of code with any malware or previously known threat.
No, Proactive Hunting is a second line of defense. Assuming any protection system can fail, you might have malicious activities dwelling in your network. Intezer inspects for malicious code similarities in-memory, which isn’t done by standard real-time security products.
Yes, Intezer detects any process, application or memory injection that has code similarities with any cyber threat seen in history, including the SUNBURST attack and other high-profile nation-state APTs.
Memory scanning is done using a lightweight memory scanner—a standalone executable that doesn’t require installation and runs in user mode.
The scan takes several minutes for each endpoint and can run simultaneously in multiple endpoints. Scan results are available through Intezer’s web interface.
Pricing is based on the number of endpoints to scan and starts from $10/endpoint per year.
Please provide your contact details below and we will contact you ASAP.