HUNTER Platform


Cyborg Security has pioneered a new approach to threat hunting, crafted to overcome the gaps and inefficiencies in the SOC that automation can’t fix. The HUNTER Platform melds the power of humans and technology to transform analysts into hunters.



Proactive threat hunting and detection packages enhance and maximize your current expertise and toolsets in your environment.

Search and Discovery

  • Search utilizing MITRE ATT&CK framework, Kill Chain, and Diamond Model
  • Filter results by contextual tagging including malware, threat actor, industry, and region
  • Research Threats and Actors provided by Cyborg Security’s Profiles
  • Enable organizations to identify risks in their environment
  • Reduce effort of collecting and correlating data by providing operationalized threat intelligence

Threat Hunt & Detection Packages

  • Packages contain contextualized and enriched Use Cases and content based on emerging and advanced threat hunting techniques
  • Includes all the information needed to successfully deploy and validate a threat hunt
  • Threat Hunt and Detections mapped to your unique SIEM or data lake environment
  • Continuously updated and vetted by Cyborg Security’s content development team

Automated Mapping

  • Threat Hunt and Detections mapped to the customer’s unique SIEM or data lake environment
  • Manipulate matched fields, indexes, and sourcetypes, providing a feedback loop ensuring compatibility
  • Deploy turn-key packages ready to run out-of-the-box. No major configuration or adjustments needed
  • Tailored output based on your environment


  • Enriched and targeted indicators focused on the top malware
  • Taxonomies including attack surface, industry, region, and motivation
  • Aligned to MITRE ATT&CK, Kill-Chain, and Diamond Model
  • Contextualized threat and actor profiles
  • Decay modeling ensuring relevant and actionable indicators
  • Available via a variety of ingestion methods


How it Works

Once access is granted to the HUNTER Platform, complete the on-boarding process to identify compatible tools in your environment and map Cyborg Security's Threat Hunt & Detection Packages to your SIEM, data lake, EDR, or IDS platforms.
Identify a Threat Hunt or Detection
Use the HUNTER Platform's intuitive search capabilities to find Threat Hunt & Detection Packages, use cases, and intelligence by filtering, pivoting, and searching against MITRE, Kill Chain, and other frameworks and taxonomies.
Click deploy to have the compatible threat hunt and detection package mapped to your environment. Get automatic notifications about updates to deployed Threat Hunt & Detection Packages.
Emulate and Validate
Emulate actors and malware using Cyborg Security's cyber threat emulation content found within the Threat Hunt & Detection Packages. Validate deployed threat hunts and detections to ensure proper configuration, allowing analysts to be more confident in the response process if the threat is found. Cyborg Security is partnered with Red Canary to develop emerging and cutting-edge Atomic Red Team tests mapped to MITRE and top malware.




Organizations and security teams are caught in a stalemate. Organizations protected by traditional security controls are faced with an unrelenting surge of uncontextualized, unhelpful, and often inaccurate alerts, while so-called next-generation artificial “intelligence” platforms identify only the most obvious threats. This reality leaves organizations responding reactively and gives decision makers a false sense of security.

The Solution

Cyborg Security disrupts this reality. Threat hunting was once a capability reserved solely for the elite few, and now Cyborg Security is able to deliver threat hunting to every organization. Our platform delivers advanced and highly targeted hunt packages capable of proactively detecting even the most advanced adversaries’ actions, giving analysts the context and accuracy they demand, while leaving decision makers confident in their organizations’ security.




Return on Investment

Expert threat hunters are not only rare, but they are also very expensive to train and retain. Cyborg Security empowers organizations by evolving traditional security analysts into skilled threat hunters and enables security operations teams to become elite hunt teams.

  • Remove the barriers to entry for establishing or maturing hunt teams.
  • Reduce the dwell time of attackers and the mean time to detect (MTTD) in your environment.
  • Access the specialized knowledge of veteran threat hunters, digital forensics and incident responders (DFIR), threat intelligence analysts, and security engineers.

Reduce “Level of Effort”

Threat content development is an involved process, requiring significant effort by threat hunters, incident responders, threat intelligence analysts and security engineers. Cyborg Security reduces that effort, allowing security operations teams to focus on what matters most: finding the bad.

  • Cyborg Security’s platform delivers a stream of hunting and detection packages that have been painstakingly researched, tested, and validated, directly to an environment.
  • Automated Mapping delivers tailored and turnkey content, eliminating effort to develop or customize content to an environment.
  • Extensive deployment, testing, and validation documentation and processes are included with every threat hunting and detection package, reducing the strain on already overtaxed engineering resources.

Enriched Analyst Talent

Learn by doing! Threat hunting is a skill that can take years to hone and perfect; however, with HUNTER Platform, even mid-tier analysts are able to threat hunt effectively in almost any environment. Educate and enrich your existing talent.

  • With distilled research and runbooks, mid-tier analysts are able to perform comprehensive threat hunts, enabling them to learn by doing.
  • Analysts learn the threat hunting processes and methodologies required to complete advanced threat hunting.
  • Analysts are able to access and reference Cyborg Security’s extensive threat intelligence data set, providing key context and research into malware, threat actors, and associated tactics, techniques, and procedures (TTP).

Improved SOC Efficiency

Security analysis isn’t guesswork or best effort, but security teams often lack defined processes and uniform training to ensure that every investigation is handled correctly, every time. This ad hoc methodology results in costly delays and even more costly missteps or mistakes. HUNTER Platform removes this uncertainty by ensuring every analyst has all the information, every time.

  • HUNTER Platform allows organizations to short-circuit the labour-intensive process of establishing a sustainable threat hunting capability.
  • Thoroughly researched runbooks ensure that every investigation is rigorous and repeatable, every time.
  • Remediation best practices help close the incident response gap, enabling analysts to ensure thorough remediation of a threat.
  • Removes the often tedious detection content documentation process, allowing security professionals to focus on what really matters: finding the bad.


We are compatible

Cyborg’s advanced detection data feeds seamlessly into a variety of toolsets so customers can maximize their current security stack.
  • Elastic
  • Splunk
  • SumoLogic
  • Zeek
  • Snort
  • ThreatQ
  • Anomali
  • ThreatConnect
  • Crowdstrike
  • CarbonBlack
  • King&Union
  • MicroFocus
  • Suricata
  • OpenCTI
  • IBM
  • MISP

