Advanced Threat Detection (ATD) with Huntress
At Atlas, we use a product called Huntress for Advanced Threat Detection (ATD). This type of cybersecurity solution has never been more important, as evidenced by the high-profile SolarWinds hack last year. In a massive cybersecurity breach, hackers inserted malicious code into an otherwise legitimate software update. Around 18,000 users – including government agencies – then installed the tainted update onto their systems, giving hackers access to the data within their networks.
This high-profile cyberattack illustrates how today’s hackers are able to turn run-of-the-mill software updates into a weapon.
Having firewalls, anti-virus and anti-malware protection in place is no longer enough to protect your business. Businesses need Advanced Threat Prevention (ATP) and Advanced Threat Detection (ATD) solutions. ATD detects malicious software that has bypassed other cybersecurity measures – such as firewalls and anti-virus software – and infiltrated the system.
How Huntress Works
For our clients, we use Huntress for advanced threat detection. It helps businesses accelerate their response to constantly evolving security challenges by tracking, isolating and remediating malicious activity that other tools miss.
The tool automatically captures suspicious activity and sends data to the cloud to be analyzed for potential threats. The tool’s automated engine performs an initial analysis of the data, then escalates it for review by a real person. At this point, the user can establish the full context of the data and determine the classification and severity of the threat.
If we determine there is a threat, we then use the Huntress ATD tool’s easy-to-follow instructions to eliminate or remediate it.
The Benefits of Huntress
While there are a number of ATD tools on the market, we use Huntress for advanced threat detection because of its unique escalation process. Most advanced threat detection tools identify threats and automatically remove them from a system. While this may be viewed as a good thing, it does have its drawbacks.
There are instances where an ATD program could flag a legitimate software update to a third-party tool as a threat. If the ATD program were to automatically start remediating the supposed threat, access to that third-party tool could be disrupted. This could create unnecessary downtime for your employees.
When we install Huntress for advanced threat detection for our clients, the Atlas team is first notified of any possible threats. We can then go in and verify whether or not there is a problem. If there is an issue, we’ll follow Huntress’ instructions to remove it from the network. If there is no problem, the legitimate software stays where it is, without disruption.
In our experience, Huntress is a necessary add-on for a layered cybersecurity program.