Listing Thumbnail

    Hunters SOC Platform

     Info
    Sold by: Hunters 
    Hunters SOC Platform is a SIEM alternative, delivering data ingestion, built-in and always up-to-date threat detection, and automating correlation and investigation processes to reduce risk, complexity, and cost for security teams.

    Overview

    Play video

    Improve your security analysts ability to see, understand, and respond to security incidents by ingesting data from AWS into a single, unified schema to facilitate automated analysis across your entire security stack.

    Hunters SOC Platform is a modern, cloud-native alternative to SIEM that ingests, normalizes and analyzes data from all security and IT sources. Hunters makes it easy for security teams to connect data: No need to engineer, deploy and maintain ingestion pipelines. The platform delivers built-in and regularly updated detection capabilities, based on the MITRE ATT&CK Framework, increasing the effectiveness of threat detection and eliminating the need to regularly build and maintain detection rules.

    With Hunters SOC Platform, security teams can focus on their unique use cases, knowing that the majority of the threat landscape is covered by Hunters detectors. The platform automates the correlation of signals and alerts from various sources, such as EDR, Cloud, Identity, and Network, as well as the triage and investigation process to minimize the time to respond (MTTR) and contain threats.

    With Hunters SOC Platform, your team can quickly assess the scope of real incidents and effectively mitigate them.

    Highlights

    • Ingestion and normalization of telemetry at cloud-scale with unique automated detection capabilities.
    • Visibility into AWS users and/or systems across different platforms.
    • Correlated AWS session activities integrated into single stories and two-way insights and correlation between Cloud and EDR.

    Details

    Sold by

    Delivery method

    Deployed on AWS

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Hunters SOC Platform

     Info
    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    12-month contract (1)

     Info
    Dimension
    Cost/12 months
    Hunters SOC Platform
    $250,000.00

    Vendor refund policy

    All fees are non-cancellable and non-refundable except as required by law.

    How can we make this page better?

    We'd like to hear your feedback and ideas on how to improve this page.
    We'd like to hear your feedback and ideas on how to improve this page.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Resources

    Vendor resources

    Support

    Vendor support

    Email support is offered Monday - Friday during normal business hours. support@hunters.ai 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    50
    In Log Analysis
    Top
    25
    In Data Security and Governance

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    1 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    0 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Data Ingestion
    Cloud-native platform capable of ingesting and normalizing telemetry data from multiple security and IT sources with automated analysis capabilities
    Threat Detection Framework
    Built-in detection capabilities aligned with MITRE ATT&CK Framework, providing regularly updated threat detection rules
    Multi-Source Signal Correlation
    Automated correlation of security signals and alerts from diverse sources including EDR, Cloud, Identity, and Network platforms
    Cloud Security Visibility
    Comprehensive visibility and tracking of user and system activities across different cloud platforms with integrated session monitoring
    Incident Investigation Automation
    Automated triage and investigation processes designed to minimize threat response time and streamline security incident containment
    Log Aggregation and Monitoring
    Monitors entire IT environment by ingesting logs from CloudTrail, GuardDuty, EC2 network traffic, multiple AWS accounts, cloud services, on-premises networks, and remote endpoints
    Threat Detection Analytics
    Utilizes user and attacker behavior analytics with 900+ out-of-the-box detections and community threat intelligence to minimize false alarms
    Compliance Monitoring
    Supports log, event, and File Integrity Monitoring (FIM) requirements for compliance frameworks like PCI, HIPAA, and GDPR
    Advanced Defense Mechanisms
    Implements layered security defenses through honeypots, honey credentials, and honey files to detect potential intrusions
    Investigation Capabilities
    Provides detailed log timelines and automated response workflows to cut investigation times and enable rapid incident response
    Threat Intelligence Integration
    Comprehensive threat intelligence platform analyzing over 3,000 threat campaigns with advanced correlation capabilities
    Multi-Service Data Ingestion
    Ability to ingest event and incident data across 1,000+ third-party services with 13 AWS integrations
    AI-Powered Investigation
    Deep AI-guided investigation techniques leveraging machine learning models for threat detection and response
    Threat Modeling
    Advanced threat modeling capabilities for dynamic control posture updates and proactive security management
    Adaptive Security Operations
    AI-driven security operations platform enabling transition from reactive to adaptive threat-driven security approach

    Contract

     Info
    Standard contract
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    |
    2 external reviews
    Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
    VikramSingh8

    Advanced detectors streamline threat monitoring with many use cases

    Reviewed on Jan 10, 2025
    Review provided by PeerSpot

    What is our primary use case?

    Hunter is a very new SIEM  in the market. It is definitely a broad market for us as they are trying to establish a new place against competitors like Splunk and QRadar . This makes it challenging to establish themselves. 

    Hunter has an upper hand, which other SIEMs can learn from. They offer hundreds of inbuilt use cases that other SIEMs lack. We typically have to create each use case as a custom one. However, Hunter proactively provides a set of five to six hundred use cases, categorized based on cloud use cases, endpoint use cases, parameter use cases, and malicious use cases. We can select or enable these use cases according to our requirements, adjusting them to fit our customer environment and company environment. 

    They also provide the ability to tweak those use cases, numbers, timings, and thresholds as per our client or company needs. This is a great move by Hunter. 

    Another great move is their pricing model. Other SIEM  tools base their license cost on the volume of data processed, often charging by how much TB or GB data is processed. Hunter, however, charges based on the number of data sources and the number of data entities integrated, which saves money. This helps us save a lot of money compared to releasing a lot of money with other SIEMs. However, Hunter still has a long way to go.

    What is most valuable?

    In Hunter, 'detectors' are a key term. Instead of calling them use cases or correlation rules, Hunter refers to them as detectors. Their inbuilt detectors are quite advanced and intelligent. We can use them freely without making any changes, though we can adjust thresholds to fit our environment's size. What's commendable is that they keep updating their detectors from the back end, maintaining continual efforts without client prompts. However, initially, they deactivated detectors without client approval, which impacted security monitoring as SOC engineers were monitoring alerts triggered by these detectors. 

    Hunter has since learned and improved their process by obtaining client approval first. They consistently update detectors to match the evolving threat landscape, ensuring the tool's uptime, resiliency, and availability. Additionally, they provide a niche module like UEBA  (User Entity Behavior Analytics) free of charge, whereas other SIEM tools charge for it. This tool is vital for monitoring internal threats, especially among VVIP and VIP users. 

    Hunter also plans to expand features like spam score and reputation score insights within their tool, removing the need for external checks. They are at an early stage, but they are working on expanding this feature.

    What needs improvement?

    Hunter support is functional yet not exceptional. Their support engineers could be more advanced and faster in providing solutions. Their turnaround time could improve to match other tools. When feedback is provided, they consider it and indicate if it is in the development stage. They commit to fixing bugs and developing the module or feature, however, take quite a lot of time. I would rate their customer support as needing improvement. 

    Another area needing improvement is integration capabilities, as they are not yet fully compatible. Users still have to rely on third-party software or integration tools. 

    Furthermore, they should incorporate more GenAI capabilities, a current buzzword, and enable predictive use cases. Their tools should be capable of reading the environment, making adaptations, and automatically tweaking settings as per client or environmental needs, similar to capabilities provided by other SIEM tools.

    For how long have I used the solution?

    I have been using the solution for two years.

    What do I think about the stability of the solution?

    I've never encountered instability or downtime with Hunter. Their system ensures availability even during back-end advancements. It is reliable and maintains service readiness for clients, demonstrating considerable stability.

    What do I think about the scalability of the solution?

    Hunter has much to learn and is working to establish its market presence. Scalability-wise, they are attempting consistency amid feature development, yet occasionally they backtrack and take excessive time. While expected during their learning phase, I am confident their ongoing progress will lead to becoming one of the premier solutions available.

    How are customer service and support?

    Hunter support is functional yet not exceptional. Their support engineers could be more advanced and faster in providing solutions. Their turnaround time could improve to match other tools. When feedback is provided, they consider it and indicate if it is in the development stage. They commit to fixing bugs and developing the module or feature, and yet take quite a lot of time.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    For the initial setup, I would rate it out of 10. It was fine.

    What about the implementation team?

    I'll be honest. I was not part of the implementation. There were dedicated engineers from the client side and vendor side who managed implementation.

    What other advice do I have?

    Their knowledge base is good. When starting with Hunter, ensure you have one or two sessions to understand navigation, features, and modules, along with obtaining proper documentation. This will help SOC users navigate effectively due to their comprehensive knowledge base. However, initial sessions with the vendor are recommended to facilitate easier ongoing use. 

    Overall product rating is eight out of ten.

    Leisure, Travel & Tourism

    Day to day usage for getting all relevant security alerts in one place.

    Reviewed on Nov 22, 2023
    Review provided by G2
    What do you like best about the product?
    I like Hunters detections a lot as they are very reliable. Also, I appreciate the correlation mechanism that is used in order to get a complete picture of a possbile threat. This helps us reduce the noise from the events in the environment.
    What do you dislike about the product?
    I don't like that the API does not have all the endpoints needed for easy customisation.
    What problems is the product solving and how is that benefiting you?
    This platform gathers all the detections from all the security appliances which are installed and based on detection rules and correlation mechanism it triggers differents alerts which are then manually investigated by our analysts.
    View all reviews