What is Hunters

Hunters SOC Platform helps security teams quickly detect and respond to important threats across their entire attack surface. With built-in detection engineering, data correlation, and automated investigations, teams can tackle real threats faster and more reliably than with a traditional SIEM, which ultimately reduces overall security risk.

Hunters pipeline

Hunters SOC Platform runs on an advanced data pipeline that ingests all your security data and extracts valuable, actionable signals. The Hunters pipeline contains four main steps:

Ingestion

The first stage of the Hunters pipeline is gathering your organization’s security data. At this stage, the platform collects data (for example, by calling a security product’s REST API), transforms it, and stores it in the data lake.

Detection

In the second stage of the Hunters pipeline, the system identifies suspicious events in your organization's raw data. Each Data source—such as AWS, CrowdStrike, or Active Directory—has built-in Detectors that generate Leads based on predefined rules. You can adjust these detectors or create custom ones to fit your organization's needs.

Automatic investigation

Hunters automatically investigates leads detected in the pipeline. It gathers more data on specific Entities, Attributes, and the lead itself. The system then assigns a Risk score to help your team focus on real threats and filter out noise.

Correlation engine (Stories)

In the final stage of the Hunters pipeline, the system connects related leads to a specific security incident. It automatically maps all data points within the same attack flow and compiles them into a clear, comprehensive Story for your team to review in one place.
