AC-Hunter: The Free Community Edition! | Chris Brenton | 1-Hour


You read that correctly, we are releasing a free version of our network threat hunting tool, AC-Hunter! As a community, we face an exhaustive number of challenges. There is the gap in needed threat hunting skills, the increase in dwell time of successful attacks, as well as the steadily increasing cost of recovery. Clearly, we need better tooling that can help even junior analysts take the fight to our adversaries.
So we’ve decided to release a free version of AC-Hunter to ensure that “price” is not an inhibitor to threat hunting your environment. In this webcast, we will provide a first look at the tool. We will also be announcing free training on how to download, deploy and manage the tool. Come join the webcast and help us make 2023 the year we start reversing the data breach trends!
///AC-Hunter Community Edition!
www.activecountermeasures.com...
Join our Threat Hunter Community Discord Server to join in on the conversation during and after the webcast: / discord
///Chapters
00:00 - Introducing AC-Hunter Community Edition!
00:28 - Why release a Community Edition?
01:48 - RITA Vs AC-Hunter
02:13 - ACH CE Vs ACH Enterprise
03:19 - DEMO
03:52 - AC-Hunter Features - Canary Tokens
06:22 - Safe list Entries
07:36 - Jitter Detection?
12:42 - Important Data Up Front, Visually Presented
13:34 - Verifying an IP?
16:35 - It’s Been A Long Connection, and I Have Reason To Believe…
19:00 - Gauge Scope of a Potential Compromise
21:56 - Threat Intel - Not Very Helpful
24:52 - This is how we do “Threat Intel”
27:32 - Dealing with Proxies
28:14 - Dealing with CDNs
30:10 - Strobes
31:49 - DNS Module
36:45 - Data Feeds
38:39 - Install Options
40:09 - LINK: AC-Hunter Community Edition : www.activecountermeasures.com...
41:05 - Questions?
41:25 - Q: Syslog Alerting?
43:01 - Q: Enterprise network install?
43:44 - Q: AC-Hunter CE in a CCDC environment?
44:03 - Q: Beaker and AC-Hunter Community Edition?
45:40 - Q: AC-Hunter CE on a box with a network span port?
47:15 - Q: Link AC-Hunter CE to existing solutions?
48:27 - Q: Docker Container?
49:28 - Q: What’s the attack surface of AC-Hunter?
52:16 - Q: Log rotation interval?
53:29 - Q: Traffic samples for DEMO
56:51 - Q: AC-Hunter CE Zeek Logs?
58:12 - Q: AC-Hunter CE CTF?
58:52 - Q: Final Thoughts
///Active Countermeasures Socials
Twitter: / activecmeasures
LinkedIn: / active-countermeasures
Discord: / discord
///Our Threat Hunting Tool ~ AC-Hunter (Formerly AI-Hunter)
Features - www.activecountermeasures.com...
Interactive Demo Space - www.activecountermeasures.com...
///Active Countermeasures Open-Source Tools
www.activecountermeasures.com...
Educational Threat Hunting Content
FREE 6-Hour Threat Hunt Training: www.activecountermeasures.com...
Active Countermeasures Blog: www.activecountermeasures.com...
Active Countermeasures KZread: / activecountermeasures
Learn Threat Hunting Skills from Antisyphon Training
Entry-Level (Pay-What-You-Can): www.antisyphontraining.com/pa...
Advanced: www.antisyphontraining.com/ad...
Active Countermeasures Shirts
spearphish-general-store.mysh...
Our Tribe
Black Hills Infosec: www.blackhillsinfosec.com/
Wild West Hackin' Fest: wildwesthackinfest.com/
Antisyphon Training: www.antisyphontraining.com/
