Threat Hunting Framework

Group-IB Threat Hunting Framework becomes your local center for research, detection, and response.

  • Detection of previously unknown threats based on Group-IB Threat Intelligence & Attribution. Proactive search for anomalies, hidden tunnels, and signs of communication with C&C servers.

  • Automated correlation of events and alerts, and subsequent attribution. Global proactive threat hunting that exposes adversaries' infrastructure, TTPs, intent, and plans.

  • Proprietary tools: network graph analysis and a malware detonation platform provide data enrichment, correlation, and analysis.

  • Full overview of the attack and in-depth management of incidents (down to the Mutex/Pipes/Registry/Files level).


Adversary-centric detection of targeted attacks and unknown threats for IT and OT environments