Fast, Powerful Investigations to Pinpoint Hidden Threats
Put the raw power of the Preempt Platform at your fingertips to drive fast, insightful security investigations.
The intuitive interface lets analysts query and correlate across any combination of attributes and network traffic events tracked by the Preempt Platform. Analysts are free to follow their own intuition and ask open-ended questions that cut across user and device attributes, access and authentication methods, account changes, time, location, and more. When analysts see something interesting, Threat Hunter can provide any related events and a chronological view to put the details of the hunt into full context.
The Threat Hunter app begins with a powerful interface that lets analysts search across any attribute in the Preempt Platform. Instead of crafting arduous string-based queries, analysts can simply select the attributes they are interested in and go. This lets analysts dial in exactly what they are looking for and quickly test hypotheses without getting bogged down crafting queries and pouring over logs. The result is hunts that are faster, easier, and more productive.
Dive into the Details
With Threat Hunter you can dive into any level of detail and pivot into related events. See host details down to the OS version number and see important context such as the number of failed login attempts. Expand the view to easily see what happened before and after the event, which users might be impacted, and intuitively follow the thread of an investigation without pivoting between tools. The combination of simple searching and detailed results, ensures staff can go from open-ended questions to hard answers quickly and easily.