Sqrrl is the threat hunting company that enables organizations to target, hunt, and disrupt advanced cyber threats. Sqrrl’s industry-leading threat hunting platform unites link analysis, User and Entity Behavior Analytics (UEBA), and multi-petabyte scalability capabilities into an integrated solution. Sqrrl reduces attacker dwell time by detecting adversarial behavior faster and with fewer resources through the use of machine learning, and enables effective threat hunting. As an incident response tool, it enables analysts to investigate the scope, impact, and root cause of an incident more efficiently and thoroughly than ever before.
Sqrrl Enterprise enables the ingest and analysis of disparate datasets to facilitate proactive threat detection, which is also known as cyber threat hunting.
- Target: Scope the data sets that will be used in your investigation. Hunts can branch from various starting points or “trailheads”. These include indicator-driven structured hunts and hypothesis-driven exploratory hunts, both of which can be optimized with automated analytics and machine learning.
- Hunt: Proactively and iteratively search through network and endpoint data to detect and isolate advanced threats that evade more traditional security solutions.
- Disrupt: By seamlessly pivoting from hunting to forensic analysis, disrupt adversaries before they fully execute their attacks. These analyses can generate new indicators to feed into complementary security systems, creating an effective security feedback loop.
Sqrrl’s capabilities include UEBA and machine learning, graph visualizations, and advanced risk scoring. Its Big Data architecture leverages Hadoop, link analysis, and data-centric security.
The Sqrrl UI, featuring graph exploration, detailed entity information, and drill down on the underlying raw data
Sqrrl licenses Sqrrl Enterprise via annual subscriptions models. Contact us for pricing details or to discuss setting up a proof of concept.