Advanced Persistent Threats (APTs) and fileless attacks have been around for over a decade, but their usage has surged as attackers become ever more skilled with advanced techniques and in-memory attacks. Such attacks cannot be stopped solely by checking a box or installing a program. Instead, stopping them requires threat hunters who can determine the attacker's tactics, techniques, and procedures.
Observables are items such as file hashes, IP addresses or known bad URLs, which are useful for blocking a specific attack and for connecting the dots between two separate attacks when the adversaries choose to re-use tools and infrastructure.
TXHunter provides a straight and clear answer as to whether the endpoint has been infected or hacked, the severity level of that particular attack, and all supporting data.