This website uses cookies to make the content more user-friendly and effective. By using this website, you agree to the use of cookies. You can find additonal information about the use of cookies and the possibility of objecting to the use of cookies here.

Use #itsa19

6 - 8 October 2020 // Nuremberg

Posting print layout

What information should be shown in the print layout?

Create print layout
Exhibitors & Products it-sa 2019
Zoom product LOGO_Threat Hunting Use Case

Threat Hunting Use Case

LOGO_Threat Hunting Use Case

Threat Hunting Use Case

Request information Request information

Contact us

Please enter your personal information and desired appointment. You can also leave us a message.

Your personal information

Your message for us

Desired appointment during the exhibition

* Compulsory fields you must fill in.

Information on data protection can be found here.

Your message has been sent.

You do not have a registration yet? Register now and use all advantages of the Exhibitors and Products Database, the supporting programme and the TicketShop.

An error has occurred.

Our approach to Threat Hunting:

The goal of threat hunting is to mitigate the risk once an adversary infiltrates the network. To be effective, threat hunting must start with the threat. The ThreatQ Threat Library includes the ability to centralize and prioritize vast amounts of threat data from external and internal sources so that analysts can automatically determine the highly important items to hunt for within the environment.

ThreatQ Investigations allows analysts to conduct investigations collaboratively to search for and compare indicators across infrastructure and find matches between high-risk IOCs and internal log data that indicate possible connections.

Once a match is discovered, analysts can slowly cast the net wider and identify second-tier indicators and attributes (i.e., malware associations, adversary relationships, similar event indicators, etc.).

These capabilities enable analysts to engage in threat hunting and follow the prescribed lifecycle, similar to that of any scientific experiment.


  • Proactively block similar attacks in the future by developing a signature, or identifying new IOCs to detect and block depending on confidence rating.
  • Adjust corporate policy to align with new defense rules/signatures.
  • Achieve true fusion analysis, leveraging the intelligence and understanding of teams and tools across the organization.
  • Develop better intelligence collection methodologies.
  • Develop better intelligence practices.
  • Find and stop evil before the attack.
  • Mitigate risk when an adversary infiltrates infrastructure.
  • Orchestrated and synchronized threat intelligence management across all teams and tools so they can work in concert and increase effectiveness, efficiency and productivity.

This embedded video is provided by YouTube. When the video plays, usage data is transmitted to YouTube. If you agree, click "Start Video" to play the video.

Product video

 Play video 

You decided to attend the it-sa? Get your tickets at the TicketShop


The selected entry has been placed in your favourites!

If you register you can save your favourites permanently and access all entries even when underway – via laptop or tablet.

You can register an account here to save your settings in the Exhibitors and Products Database and as well as in the Supporting Programme.The registration is not for the TicketShop and ExhibitorShop.

Register now

Your advantages at a glance:

  • Advantage Save your favourites permanently. Use the instant access – mobile too, anytime and anywhere – incl. memo function.
  • Advantage The optional newsletter gives you regular up-to-date information about new exhibitors and products – matched to your interests.
  • Advantage Call up your favourites mobile too! Simply log in and access them at anytime.