Security AnalyticsCyber Attacker Tracking

The Hacker Becomes The Hunted

Insight Into Cyber Attacker Patterns And Activities That Bypass Defenses

Good security is no longer simply about defense; it is about proactively:

  • Hunting for and tracking cyber attackers within your environment, using iterative searches for attack patterns.
  • Using advanced analysis techniques to explore activity to identify unusual changes and trends that warrant deeper investigation.

Corvil sees all activity in real-time, enabling security teams to find and track malicious activities and cyber attacker movements as they occur. Hunters are provided heavy artillery to seek and put an end to attacks with:

  • Comprehensive visibility into activities such as tunneling, command and control, weak encryption, hosts being accessed, files being run, etc.
  • Adaptive context enrichment that adds dimensions of user, host and threat intelligence

Security teams can incorporate our comprehensive activity details into big data platforms for exploration using data science techniques, behavioral analysis, and machine learning. The more high quality data provided, the more effective these advanced analyses will be.


  • Improved insight into cyber attack patterns and malicious code that bypass defensive controls
  • Improved focus and prioritization
  • Improved tracking of live malicious activities to understand cyber attack patterns
  • Richer anomaly and behavioral analysis using high-fidelity activity data
Attacker Tracking

Track Cyber Attackers

Watch Now
Attacker Tracking

The Not-So-Great Escape

Learn More
Attacker Tracking

On-Demand Webinar:
Hunt for New Cyber Attackers

Learn More
Attacker Tracking

Success Story:
Global Law Firm

Learn More

"67% of hunt teams most frequently investigate user behavioral anomalies (unauthorized access attempts, etc.) to identify new threats"

2018 Threat Hunting Report by Crowd Research Partners


Simplified Anomaly Detection

Continuous process for monitoring communications, authentication, encryption and other protocol anomalies.

User Activity Tracking

Comprehensive tracking of user activity across multiple endpoints and devices for indicators of lateral movement and privilege escalation.

Live Tracking

Leverage our real-time analytics to track malicious activities as they occur.

Backchannel Detection

Reveals covert backchannels and simplifies investigation of internal systems and user accounts associated with using the channels.

Retrospective Threat Matching

Search historical network traffic data for activities matching newly reported threat intelligence.

Coverage Gap Detection

Observe activities from uninstrumented devices and unauthorized access with cloud-based services.

Flexible Integration

Enable richer investigations and behavioral analysis by integrating our streaming analytics with a variety of big data and analytics solutions.

High Quality Data

Activity data from every packet, during every microsecond, made available for live and retrospective analysis.

Immutable Data

Unlike logs, machine communications deliver an immutable record of what actually happened, which we passively capture, analyze and correlate to simplify investigative workflows.