Automated Analysis

More powerful than log analysis/DIY tools

More complete than antivirus solutions

Full system analysis including suspicious objects

Easy to Understand

Designed for non-forensics experts

Key indicators are listed at the top of the report

Ability to drill down to the details

Powerful

Detects APT, backdoors, and rootkits

Detects unusual network connections

Uncovers past abnormal activities

Easy to Use

‘Point and Click’ Threat Hunting

No permanent agent required (unlike EDR)

Easy to integrate with SIEM/SOC platforms

TXHUNTER

Performs Endpoint Breach Investigations Remotely

TXHunter provides an easy-to-use, convenient tool for conducting threat incident investigations remotely. If any endpoint system or server is suspected of having been attacked, TXHunter can simply take a snapshot of the suspicious system and automatically conduct an incident investigation. If the investigation process identifies suspicious files or URL links, it will automatically launch the TXSandbox for a behavior analysis.

One of the key benefits of TXHunter is that it reduces the skill level required to do advanced attack and malware analysis, speeds up the analysis process, and helps identify advanced threats that can bypass the core defenses.

HOW DOES IT WORK?

Step 1 – Deploy a tiny agent to the target system

Step 2 – Collect data from the system

Step 3 – Run analysis on collected data, and request additional suspect objects from the target system

Step 4 – Generate a Report

WHAT DOES TXHUNTER COLLECT?

TXHunter automatically collects system, process, network, autorun, event, policy, file, and kernel information from the system being investigated. This data is analyzed for suspect activities and any associated file objects found are uploaded to the server for full dynamic analysis.

DEPLOYMENT

TXHunter supports flexible on-premises deployments for maximum data protection and confidentiality, where the only external communications used are queries to customer-configurable external threat intelligence sources. Private and public cloud hosting options, such as AWS, are also available. It doesn’t require Microsoft Windows licenses, which can save considerable costs for large deployments.
