
Overview

Product video
Improve your security analysts ability to see, understand, and respond to security incidents by ingesting data from AWS into a single, unified schema to facilitate automated analysis across your entire security stack.
Hunters SOC Platform is a modern, cloud-native alternative to SIEM that ingests, normalizes and analyzes data from all security and IT sources. Hunters makes it easy for security teams to connect data: No need to engineer, deploy and maintain ingestion pipelines. The platform delivers built-in and regularly updated detection capabilities, based on the MITRE ATT&CK Framework, increasing the effectiveness of threat detection and eliminating the need to regularly build and maintain detection rules.
With Hunters SOC Platform, security teams can focus on their unique use cases, knowing that the majority of the threat landscape is covered by Hunters detectors. The platform automates the correlation of signals and alerts from various sources, such as EDR, Cloud, Identity, and Network, as well as the triage and investigation process to minimize the time to respond (MTTR) and contain threats.
With Hunters SOC Platform, your team can quickly assess the scope of real incidents and effectively mitigate them.
Highlights
- Ingestion and normalization of telemetry at cloud-scale with unique automated detection capabilities.
- Visibility into AWS users and/or systems across different platforms.
- Correlated AWS session activities integrated into single stories and two-way insights and correlation between Cloud and EDR.
Details
Features and programs
Financing for AWS Marketplace purchases
Pricing
Dimension | Cost/12 months |
---|---|
Hunters SOC Platform | $250,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Email support is offered Monday - Friday during normal business hours. support@hunters.ai
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Standard contract
Customer reviews
Advanced detectors streamline threat monitoring with many use cases
What is our primary use case?
Hunter is a very new SIEM in the market. It is definitely a broad market for us as they are trying to establish a new place against competitors like Splunk and QRadar . This makes it challenging to establish themselves.
Hunter has an upper hand, which other SIEMs can learn from. They offer hundreds of inbuilt use cases that other SIEMs lack. We typically have to create each use case as a custom one. However, Hunter proactively provides a set of five to six hundred use cases, categorized based on cloud use cases, endpoint use cases, parameter use cases, and malicious use cases. We can select or enable these use cases according to our requirements, adjusting them to fit our customer environment and company environment.
They also provide the ability to tweak those use cases, numbers, timings, and thresholds as per our client or company needs. This is a great move by Hunter.
Another great move is their pricing model. Other SIEM tools base their license cost on the volume of data processed, often charging by how much TB or GB data is processed. Hunter, however, charges based on the number of data sources and the number of data entities integrated, which saves money. This helps us save a lot of money compared to releasing a lot of money with other SIEMs. However, Hunter still has a long way to go.
What is most valuable?
In Hunter, 'detectors' are a key term. Instead of calling them use cases or correlation rules, Hunter refers to them as detectors. Their inbuilt detectors are quite advanced and intelligent. We can use them freely without making any changes, though we can adjust thresholds to fit our environment's size. What's commendable is that they keep updating their detectors from the back end, maintaining continual efforts without client prompts. However, initially, they deactivated detectors without client approval, which impacted security monitoring as SOC engineers were monitoring alerts triggered by these detectors.
Hunter has since learned and improved their process by obtaining client approval first. They consistently update detectors to match the evolving threat landscape, ensuring the tool's uptime, resiliency, and availability. Additionally, they provide a niche module like UEBA (User Entity Behavior Analytics) free of charge, whereas other SIEM tools charge for it. This tool is vital for monitoring internal threats, especially among VVIP and VIP users.
Hunter also plans to expand features like spam score and reputation score insights within their tool, removing the need for external checks. They are at an early stage, but they are working on expanding this feature.
What needs improvement?
Hunter support is functional yet not exceptional. Their support engineers could be more advanced and faster in providing solutions. Their turnaround time could improve to match other tools. When feedback is provided, they consider it and indicate if it is in the development stage. They commit to fixing bugs and developing the module or feature, however, take quite a lot of time. I would rate their customer support as needing improvement.
Another area needing improvement is integration capabilities, as they are not yet fully compatible. Users still have to rely on third-party software or integration tools.
Furthermore, they should incorporate more GenAI capabilities, a current buzzword, and enable predictive use cases. Their tools should be capable of reading the environment, making adaptations, and automatically tweaking settings as per client or environmental needs, similar to capabilities provided by other SIEM tools.
For how long have I used the solution?
I have been using the solution for two years.
What do I think about the stability of the solution?
I've never encountered instability or downtime with Hunter. Their system ensures availability even during back-end advancements. It is reliable and maintains service readiness for clients, demonstrating considerable stability.
What do I think about the scalability of the solution?
Hunter has much to learn and is working to establish its market presence. Scalability-wise, they are attempting consistency amid feature development, yet occasionally they backtrack and take excessive time. While expected during their learning phase, I am confident their ongoing progress will lead to becoming one of the premier solutions available.
How are customer service and support?
Hunter support is functional yet not exceptional. Their support engineers could be more advanced and faster in providing solutions. Their turnaround time could improve to match other tools. When feedback is provided, they consider it and indicate if it is in the development stage. They commit to fixing bugs and developing the module or feature, and yet take quite a lot of time.
How would you rate customer service and support?
Positive
How was the initial setup?
For the initial setup, I would rate it out of 10. It was fine.
What about the implementation team?
I'll be honest. I was not part of the implementation. There were dedicated engineers from the client side and vendor side who managed implementation.
What other advice do I have?
Their knowledge base is good. When starting with Hunter, ensure you have one or two sessions to understand navigation, features, and modules, along with obtaining proper documentation. This will help SOC users navigate effectively due to their comprehensive knowledge base. However, initial sessions with the vendor are recommended to facilitate easier ongoing use.
Overall product rating is eight out of ten.