SBIR-STTR Award

The next generation of cyber threats will include sophisticated malware threats including Advanced Persistent Threats (APTs) and malware that tries to subvert dynamic analysis methods by switching to some benign behavior. These threats have proven to circumvent even cutting-edge malware detection and require more continuous learning methods to discover and remediate the threats. Due to these extremely dangerous malware samples, new techniques must be developed to hunt down this evasive malware. Hindsight is an automated threat hunting platform that will connect to any existing endpoint security products and log generation tools to monitor and inspect all activity in the network. Our platform identifies evidence of malware’s unique capabilities using real-time threat detection models that are trained on millions of malware samples. The detection models learn the malicious behaviors of malware through event-based logging data collected from endpoints on the network. This allows threat hunters to autonomously receive threat evidence on and across all endpoints. The Hindsight User Interface (UI) provides real-time visualization of the threat evidence discovered by our machine learning models. This UI will also allow threat hunters to drill down into learned suspicious activit