Threat Hunting Framework Overview

What is Threat Hunting Framework?

Group-IB is a Singapore-based provider of solutions aimed at the detection and prevention of cyberattacks and online fraud. The company also specializes in high-profile cyber investigations and IP protection services. Group-IB’s Threat Intelligence & Attribution system has been named one of the best in class by Gartner, Forrester, and IDC, while its Threat Hunting Framework has been recognized as one of the leaders in Network Detection and Response.
Group-IB’s technological leadership is built on the company’s 18 years of hands-on experience in cybercrime investigations around the world and 65,000 hours of cybersecurity incident response, accumulated in one of the biggest forensic laboratories and in CERT-GIB, a round-the-clock center providing rapid response to cyber incidents.
Group-IB is a partner of INTERPOL and Europol, and has been recommended by the OSCE as a cybersecurity solutions provider.

Buyer's Guide

Download the Threat Intelligence Platforms Buyer's Guide including reviews and more. Updated: July 2021

John Rendy
CTO at Systema Global Solusindo
Consultant
Top 5 Leaderboard
High fidelity cyber incident detection is near in real-time, enabling proactive & timely mitigation efforts

What is our primary use case?

The primary use case for this solution is to reduce Mean Time to Detect and Mean Time to Recovery, proactively hunt for threats in the internal cyber network with correlated high fidelity threat intelligence feeds - automatically. The solution allows clients to conduct Automated Threat Hunting, which closes the gap of cybersecurity skillset in the market and the high requirements of knowledge required to do such analysis.

Pros and Cons

  • "Great automatic correlation of all internal activities."
  • "Monitoring the endpoint could be improved, it requires a huge effort."

What other advice do I have?

Framework is essentially one of the highest orders of cybersecurity to my mind. The idea of Threat Hunting Framework is to understand the cyber path that is affecting the organization. It's not as simple as running a firewall because you need people who understand types of attacks and how they move into the organization on their network, their email, or their proxy. Apart from the technical functionality limitation and those challenges, this solution could easily be one of the best in the market, but there are certain challenges in maintenance and its resource intensity. I rate this solution a…