Pathfinder Investigation - Beta


Overview

Pathfinder is Hunters’ AI-powered investigation and guidance experience, designed to help security teams move faster from detection to understanding and action. By combining advanced large-language-model (LLM) reasoning, currently powered by Microsoft Azure OpenAI Service, with security-specific knowledge and dynamic data enrichment, Pathfinder assists analysts by investigating alerts, providing a brief summary, and sharing key findings along with a detailed investigation report, which is used to recommend how the lead should be classified.

Core Capabilities

Automated Investigation & Verdicts

Pathfinder automatically runs an AI-driven investigation on supported alerts and produces one of three verdicts:

  • Benign - Activity is consistent with expected or non-malicious behavior

  • Malicious - Evidence indicates malicious or high-risk activity

  • Inconclusive - Insufficient or conflicting evidence to determine intent

Each investigation generates a detailed reasoning report, including:

  • Key findings and conclusions

  • The full investigation flow and steps that were executed

  • References to relevant artifacts (events, entities, detections, enrichment data)

Thresholds

Automatic Investigations

  • Pathfinder automatically investigates 1 alert per threat, per day and up to 50 alerts per day in total

  • Results are typically available within ~15-30 minutes

  • Automatic investigations apply to all hosted customers

  • Automatic investigation is disabled by default for Partner Connect customers - to enable it, please open a support ticket

On-Demand Investigations

  • Up to 50 leads can be investigated per day

  • Results are typically available within ~15-30 minutes

Supported leads by detector

All leads generated by Hunters OOTB detectors and the following third-party detectors:

  • CrowdStrike*

  • Azure

  • M365 Defender for Endpoints

  • GuardDuty

  • Google Workspace

  • Additional M365 Defender 3PA

  • CrowdStrike API XDR Alerts

Custom detectors are not supported during Open Beta.

Security, Privacy & Data Handling

IMPORTANT: AI-powered features can enhance productivity, but it's essential to recognize their limitations. Given the current nature of generative artificial intelligence technology, AI-generated responses may sometimes be incorrect or inaccurate. To ensure reliability, human oversight is required, and users must review and verify all AI-generated content for accuracy, relevance, and appropriateness before relying on it or taking action based on it.

Your use of Hunters’ AI-powered features is subject to Hunters' SaaS Terms of Service and AI Acceptable Use Policy.