PROTECTION FROM THE INSIDE OUT

 

Infocyte HUNT utilizes a tiered deployment model with a central HUNT server situated within your environment. Enterprises maintain the flexibility of deploying a physical or virtual HUNT "relay" in protected network segments or remote sites to effectively scan the entire constellation or a select group of endpoints. These relays perform scans within their network segment and pass the results back to the central HUNT server for processing and display.

 
 

YOUR DATA STAYS WITH YOU

With Infocyte HUNT you retain control of your data. You can either use our Incyte cloud services for threat intel queries (restricted to hashes, IPs, DNS, and suspicious executable analysis) or configure an on-premises Incyte appliance and use your own (i.e. for air-gapped networks).

 

YOU'RE IN THE DRIVER'S SEAT

With Infocyte HUNT, there are no restrictions on the number of servers and relays deployed in your environment. Schedule scans as often as you like (hourly, daily, etc.) to hunt malware. This ensures that malware is not allowed to persist undiscovered after it breaches existing defenses, and lets you put controls around dwell time to dramatically limit potential damage.


Diving in

ARCHITECTURE

Infocyte HUNT's post-breach detection is performed by independently scanning and validating endpoint devices, including workstations and servers. The platform consists of an endpoint scanner, deployable endpoint surveys (dissolvable agents), and an advanced cloud-based analysis engine.

During a scan, the surveys are deployed to each endpoint and perform full device validation via rapid collection and analysis of a wide array of endpoint configuration and process data. Device validation differs from behavior-based detection approaches, which only look at the activity of a system over time. Validation enables a significantly more comprehensive look at a device and what is on it, all within seconds.

 

[Figure: Infocyte architecture diagram]