The Technology

Infocyte HUNT

 

Proactively hunt for malware and persistent threats

Infocyte HUNT automates a forensics and continuous monitoring process that traditionally depends on specialized knowledge and heavy services work, making it simple for your organization's IT and security teams to discover and respond to malware and persistent threats that have breached existing defenses. It offers organizations the ability to scan, find, and identify any suspicious software that has penetrated defenses, whether the malware is known or unknown, active or dormant. Its automated discovery process allows you to quickly find threats and get to the business of incident response faster.

AGENTLESS

  • Agentless scans gather system information and scan volatile memory through patent-pending technology.
  • No pre-installed or permanent agents, simplifying deployment and endpoint maintenance.
  • Sweeps thousands of endpoints, spending a couple of minutes on each, and conclusively validates their state: "Compromised" or "Not Compromised".
  • Deploy surveys to Windows or Linux endpoints via existing remote endpoint management protocols and solutions.
  • Discover active and dormant, known and unknown malware and persistent threats.
  • Identify and scan hidden beachheads (i.e., non-compliant systems or those with disabled security mechanisms).
  • Network impact is fully manageable, giving you control of how fast a scan is conducted (up to thousands of systems per hour).

FORENSIC STATE ANALYSIS (FSA)

  • Primary detection approach uses static analysis techniques against active processes and systems to identify the unique markers of a compromised system such as stealth and persistence mechanisms.
  • Audits and scores the severity of identified issues to focus further analysis. 

ADVANCED ANALYTICS ENGINE

  • Uses Forensic State Analysis (FSA) to discover hidden threats and compromises within a network. 
  • Ability to statically and dynamically analyze process-injected code or suspicious files found on disk.
  • Threat Intelligence integration identifies who might be behind the attack.