Threat Hunt Reports

  • Updated on Nov 4, 2024
  • Published on Oct 15, 2024
  • 1 minute(s) read
Prev Next

To enhance your understanding of what Red Canary is doing on your behalf, your Threat Hunting team will publish results from hunts and make them available to you directly from the portal. Learn more about your Threat Hunting team.

Viewing Threat Hunts

Viewing all Threat Hunts

When the Threat Hunting team publishes a report as a result of a hunt, you can find the associated published threats available on the Threat Hunts page. Navigate here by using the navigation panel on the left.

Threat Hunts can be found under the Detection & Response section:

The Threat Hunt page provides a table of information

  • Title: The Title of the threat hunt

  • Description: a short overview of what the Threat Hunt covered

  • Published At: The time this Threat Hunt was published

  • Results: A list of threats this Threat Hunt resulted in. This section may be blank if there are no associated Threats.

Threats published as a result of a threat will indicate the associated Threat hunt Contact your Threat Hunting team if you need assistance.

Viewing Associated Threats

Threats that are published as a result of a Threat Hunt are indicated in the Threat Analytics section of the Threat timeline:

Additionally, each Event that contributed to a Threat sourced from a Threat Hunt will be indicated as such:

Viewing the activity feed

When a new report is published, it will appear on your activity feed. Filter for Threat Hunts to view entries related to hunts, and their results. To filter for Threat Hunts in the activity feed, click Filter, and select Threat Hunts.

Sharing reports

Threat hunt reports can be shared via email. Markdown formatting of the report content is supported.