Kognos for MSSPs reduces MTTD/MTTR metrics to mere minutes.

EDR Hunter

Kognos helps threat hunters overcome data overload and reduces hunting time for EDR data from hours to minutes.

Dramatically Improve Threat Hunting Effectiveness

The effectiveness of a threat hunting team relies on its ability to identify new leads and chase them down as quickly as possible. With an endless supply of leads from intel sources, threat reports, and statistical and behavioral anomalies, the number of leads that can be hunted down is often limited by threat hunters' bandwidth. Endpoint threat hunters need machines to overcome data overload and produce meaningful results.

The Kognos EDR Hunter provides this relief by:

  • Autonomously mining through terabytes of data
  • Asking thousands of questions to fully understand the adversaries’ activities
  • Tracing the attacker’s path in real-time and presenting pre-investigated and fully contextualized attacks and campaigns for review.

HOW IT WORKS

RELATIONSHIP GRAPH ENGINE

The relationship graph engine interprets incoming events and forms relationship graphs, which are essential to understanding the full scope and impact of the attack because they allow the system to look at risk cumulatively across the entire activity.

AI-DRIVEN INQUIRY ENGINE

The AI-driven inquiry engine investigates hundreds of billions of relationships by asking thousands of forensic questions per second to identify relevant evidence highlighting the attacker’s entire path.

STORY GENERATION ENGINE

The story generation engine continuously fuses the evidence to form easily understandable stories and timelines of the entire attack, allowing the analysts to respond in real-time.

This autonomous approach to endpoint threat hunting drastically reduces adversary dwell time, while simultaneously allowing threat hunting teams to spend their precious time mitigating attacks in real-time, as opposed to drowning in data mining and chasing false leads.

How EDR Threat Hunting Teams Leverage Kognos

The Kognos EDR Hunter is the first and only platform that enables threat hunters to do point-and-click hunting across multiple data sources. The autonomous platform:

  • Enables hunters to identify which IOCs or behaviors to hunt for.
  • Leaves tedious data mining activities (locating the suspect artifacts and investigating them) to the machines.
  • Uncovers every step the adversary took across the environment.
  • Presents machine-investigated storylines associated with the IOC or behavior of interest to threat hunting teams to remediate holistically.

By eliminating data fatigue and analysis bias, the Kognos EDR Hunter enables an organization’s valuable endpoint telemetry to be put to use for proactive hunting as opposed to post-breach forensic analysis.

Learn More

Download the Kognos EDR Hunter datasheet for more details about:

  • Easy set up
  • Threat hunting in EDR data
  • Machine assisted threat hunting
  • Fully autonomous continuous threat hunting
  • API Integrations
  • Endpoint data integrations

Kognos continuously monitors billions of relationships to detect suspicious behavior. Once detected, Kognos uses an AI-powered inquiry engine to ask thousands of forensic questions per second to fully contextualize the attack and present the findings as complete attack campaigns, allowing the analyst to respond in real-time.

Contact

2064 Walsh Ave, STE C1
Santa Clara, 
California - 95050

info@kognos.io

Copyright © 2021 Kognos, Inc. All Rights Reserved.