Sold by: Hunters
Hunters SOC Platform is a SIEM alternative, delivering data ingestion, built-in and always up-to-date threat detection, and automating correlation and investigation processes to reduce risk, complexity, and cost for security teams.
Overview
Improve your security analysts ability to see, understand, and respond to security incidents by ingesting data from AWS into a single, unified schema to facilitate automated analysis across your entire security stack.
Hunters SOC Platform is a modern, cloud-native alternative to SIEM that ingests, normalizes and analyzes data from all security and IT sources. Hunters makes it easy for security teams to connect data: No need to engineer, deploy and maintain ingestion pipelines. The platform delivers built-in and regularly updated detection capabilities, based on the MITRE ATT&CK Framework, increasing the effectiveness of threat detection and eliminating the need to regularly build and maintain detection rules.
With Hunters SOC Platform, security teams can focus on their unique use cases, knowing that the majority of the threat landscape is covered by Hunters detectors. The platform automates the correlation of signals and alerts from various sources, such as EDR, Cloud, Identity, and Network, as well as the triage and investigation process to minimize the time to respond (MTTR) and contain threats.
With Hunters SOC Platform, your team can quickly assess the scope of real incidents and effectively mitigate them.
Highlights
- Ingestion and normalization of telemetry at cloud-scale with unique automated detection capabilities.
- Visibility into AWS users and/or systems across different platforms.
- Correlated AWS session activities integrated into single stories and two-way insights and correlation between Cloud and EDR.
Details
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/12 months |
|---|---|
Hunters SOC Platform | $250,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Email support is offered Monday - Friday during normal business hours. support@hunters.ai
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Hunters
By Rapid7
By Trellix
Sentiment is AI generated from actual customer reviews
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Data Ingestion
Cloud-native platform capable of ingesting and normalizing telemetry data from multiple security and IT sources with automated analysis capabilities
Threat Detection Framework
Built-in detection capabilities aligned with MITRE ATT&CK Framework, providing regularly updated threat detection rules
Multi-Source Signal Correlation
Automated correlation of security signals and alerts from diverse sources including EDR, Cloud, Identity, and Network platforms
Cloud Security Visibility
Comprehensive visibility and tracking of user and system activities across different cloud platforms with integrated session monitoring
Incident Investigation Automation
Automated triage and investigation processes designed to minimize threat response time and streamline security incident containment
Log Aggregation and Monitoring
Monitors entire IT environment by ingesting logs from CloudTrail, GuardDuty, EC2 network traffic, multiple AWS accounts, cloud services, on-premises networks, and remote endpoints
Threat Detection Analytics
Utilizes user and attacker behavior analytics with 900+ out-of-the-box detections and community threat intelligence to minimize false alarms
Compliance Monitoring
Supports log, event, and File Integrity Monitoring (FIM) requirements for compliance frameworks like PCI, HIPAA, and GDPR
Advanced Defense Mechanisms
Implements layered security defenses through honeypots, honey credentials, and honey files to detect potential intrusions
Investigation Capabilities
Provides detailed log timelines and automated response workflows to cut investigation times and enable rapid incident response
Threat Intelligence Integration
Comprehensive threat intelligence platform analyzing over 3,000 threat campaigns with advanced correlation capabilities
Multi-Service Data Ingestion
Ability to ingest event and incident data across 1,000+ third-party services with 13 AWS integrations
AI-Powered Investigation
Deep AI-guided investigation techniques leveraging machine learning models for threat detection and response
Threat Modeling
Advanced threat modeling capabilities for dynamic control posture updates and proactive security management
Adaptive Security Operations
AI-driven security operations platform enabling transition from reactive to adaptive threat-driven security approach
Standard contract
No
No
Customer reviews
0 ratings
0 AWS reviews
|
2 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
VikramSingh8
Advanced detectors streamline threat monitoring with many use cases
Reviewed on Jan 10, 2025
Review provided by PeerSpot
What is our primary use case?
Hunter is a very new SIEM in the market. It is definitely a broad market for us as they are trying to establish a new place against competitors like Splunk and QRadar . This makes it challenging to establish themselves.
Hunter has an upper hand, which other SIEMs can learn from. They offer hundreds of inbuilt use cases that other SIEMs lack. We typically have to create each use case as a custom one. However, Hunter proactively provides a set of five to six hundred use cases, categorized based on cloud use cases, endpoint use cases, parameter use cases, and malicious use cases. We can select or enable these use cases according to our requirements, adjusting them to fit our customer environment and company environment.
They also provide the ability to tweak those use cases, numbers, timings, and thresholds as per our client or company needs. This is a great move by Hunter.
Another great move is their pricing model. Other SIEM tools base their license cost on the volume of data processed, often charging by how much TB or GB data is processed. Hunter, however, charges based on the number of data sources and the number of data entities integrated, which saves money. This helps us save a lot of money compared to releasing a lot of money with other SIEMs. However, Hunter still has a long way to go.
What is most valuable?
In Hunter, 'detectors' are a key term. Instead of calling them use cases or correlation rules, Hunter refers to them as detectors. Their inbuilt detectors are quite advanced and intelligent. We can use them freely without making any changes, though we can adjust thresholds to fit our environment's size. What's commendable is that they keep updating their detectors from the back end, maintaining continual efforts without client prompts. However, initially, they deactivated detectors without client approval, which impacted security monitoring as SOC engineers were monitoring alerts triggered by these detectors.
Hunter has since learned and improved their process by obtaining client approval first. They consistently update detectors to match the evolving threat landscape, ensuring the tool's uptime, resiliency, and availability. Additionally, they provide a niche module like UEBA (User Entity Behavior Analytics) free of charge, whereas other SIEM tools charge for it. This tool is vital for monitoring internal threats, especially among VVIP and VIP users.
Hunter also plans to expand features like spam score and reputation score insights within their tool, removing the need for external checks. They are at an early stage, but they are working on expanding this feature.
What needs improvement?
Hunter support is functional yet not exceptional. Their support engineers could be more advanced and faster in providing solutions. Their turnaround time could improve to match other tools. When feedback is provided, they consider it and indicate if it is in the development stage. They commit to fixing bugs and developing the module or feature, however, take quite a lot of time. I would rate their customer support as needing improvement.
Another area needing improvement is integration capabilities, as they are not yet fully compatible. Users still have to rely on third-party software or integration tools.
Furthermore, they should incorporate more GenAI capabilities, a current buzzword, and enable predictive use cases. Their tools should be capable of reading the environment, making adaptations, and automatically tweaking settings as per client or environmental needs, similar to capabilities provided by other SIEM tools.
For how long have I used the solution?
I have been using the solution for two years.
What do I think about the stability of the solution?
I've never encountered instability or downtime with Hunter. Their system ensures availability even during back-end advancements. It is reliable and maintains service readiness for clients, demonstrating considerable stability.
What do I think about the scalability of the solution?
Hunter has much to learn and is working to establish its market presence. Scalability-wise, they are attempting consistency amid feature development, yet occasionally they backtrack and take excessive time. While expected during their learning phase, I am confident their ongoing progress will lead to becoming one of the premier solutions available.
How are customer service and support?
Hunter support is functional yet not exceptional. Their support engineers could be more advanced and faster in providing solutions. Their turnaround time could improve to match other tools. When feedback is provided, they consider it and indicate if it is in the development stage. They commit to fixing bugs and developing the module or feature, and yet take quite a lot of time.
How would you rate customer service and support?
Positive
How was the initial setup?
For the initial setup, I would rate it out of 10. It was fine.
What about the implementation team?
I'll be honest. I was not part of the implementation. There were dedicated engineers from the client side and vendor side who managed implementation.
What other advice do I have?
Their knowledge base is good. When starting with Hunter, ensure you have one or two sessions to understand navigation, features, and modules, along with obtaining proper documentation. This will help SOC users navigate effectively due to their comprehensive knowledge base. However, initial sessions with the vendor are recommended to facilitate easier ongoing use.
Overall product rating is eight out of ten.
Leisure, Travel & Tourism
Day to day usage for getting all relevant security alerts in one place.
Reviewed on Nov 22, 2023
Review provided by G2
What do you like best about the product?
I like Hunters detections a lot as they are very reliable. Also, I appreciate the correlation mechanism that is used in order to get a complete picture of a possbile threat. This helps us reduce the noise from the events in the environment.
What do you dislike about the product?
I don't like that the API does not have all the endpoints needed for easy customisation.
What problems is the product solving and how is that benefiting you?
This platform gathers all the detections from all the security appliances which are installed and based on detection rules and correlation mechanism it triggers differents alerts which are then manually investigated by our analysts.