Why OpenText
Why OpenText
Overview Why OpenText
OpenText brings decades of expertise to help you unlock data, connect people and processes, and fuel AI with trust
Manage and connect data
Unify data seamlessly across your enterprise to eliminate silos, improve collaboration, and reduce risks
AI-ready information
Get AI-ready and transform your data into structured, accessible, optimized information
Built-in security and compliance
Meet regulatory and compliance requirements and protect your information throughout its lifecycle
Empowering people
Overview Empowering people
OpenText helps people manage content, automate work, use AI, and collaborate to boost productivity
Customers
See how thousands of companies around the world are succeeding with innovative solutions from OpenText™
Employees
Our people are our greatest asset; they are the life of the OpenText brand and values
Corporate Responsibility
Learn how we aspire to advance societal goals and accelerate positive change
Partners
Find a highly skilled OpenText partner with the right solution to enable digital transformation
How we compare
Content Management
Service Management
Deploy anywhere
Overview Deployment options
Explore scalable and flexible deployment options for global organizations of any size
Sovereign cloud
Local control. Global scale. Trusted AI
Private cloud
Your cloud, your control
On-premises
Free up resources, optimize performance and rapidly address issues
Public cloud
Run anywhere and scale globally in the public cloud of your choice
Aviator AI
Overview Aviator AI
See information in new ways
OpenText™ Aviator AI
AI that understands your business, your data, and your goals
OpenText™ MyAviator
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
OpenText™ Business Network Aviator
Gain better insights with generative AI for supply chains
OpenText™ Content Aviator
Power work with AI content management and an intelligent AI content assistant
OpenText™ Cybersecurity Aviator
Improve your security posture with AI cybersecurity and agile threat detection
OpenText™ DevOps Aviator
Enable faster app delivery, development, and automated software testing
OpenText™ Experience Aviator
Elevate customer communications and experiences for customer success
OpenText™ Service Management Aviator
Empower users, service agents, and IT staff to find the answers they need
Aviator AI
Overview Aviator AI
See information in new ways
OpenText™ Aviator AI
AI that understands your business, your data, and your goals
OpenText™ MyAviator
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
OpenText™ Business Network Aviator
Gain better insights with generative AI for supply chains
OpenText™ Content Aviator
Power work with AI content management and an intelligent AI content assistant
OpenText™ Cybersecurity Aviator
Improve your security posture with AI cybersecurity and agile threat detection
OpenText™ DevOps Aviator
Enable faster app delivery, development, and automated software testing
OpenText™ Experience Aviator
Elevate customer communications and experiences for customer success
OpenText™ Service Management Aviator
Empower users, service agents, and IT staff to find the answers they need
Analytics
Overview Analytics
Predict, act, and win with real-time analytics on a smarter data platform
OpenText™ Aviator Search(AI)
Give users access to the answers they need, faster and easier, with multi-repository AI-based search that lets you contextualize everything from clicks to conversations
Business Network
Overview Business Network
Connect once, reach anything with a secure B2B integration platform
Content
Overview Content
Reimagine knowledge with AI-ready content management solutions
OpenText™ Content Aviator(AI)
Supercharge intelligent workspaces with AI to modernize work
Cybersecurity
Overview Cybersecurity
Integrated cybersecurity solutions for enterprise protection
OpenText Cybersecurity for SMBs & MSPs
Purpose built data protection and security solutions
OpenText™ Cybersecurity Aviator(AI)
Reinvent threat hunting to improve security posture with the power of agile AI
DevOps
Overview DevOps
Ship better software—faster—with AI-driven DevOps automation, testing, and quality
Experience
Overview Experience
Reimagine conversations with unforgettable customer experiences
Observability and Service Management
Overview Observability and Service Management
Get the clarity needed to cut the cost and complexity of IT operations
OpenText™ Service Management Aviator(AI)
Redefine Tier 1 business support functions with self-service capabilities from private generative AI
APIs
Overview APIs
Build custom applications using proven OpenText Information Management technology
OpenText™ Aviator Thrust
Build it your way with OpenText Cloud APIs that create the real-time information flows that enable custom applications and workflows
Device and Data Protection
Overview Device and Data Protection
Protect what matters, recover when it counts
Unified Endpoint Management Tools
- OpenText™ Endpoint Management
- OpenText™ ZENworks Suite
- OpenText™ ZENworks Service Desk
- OpenText™ ZENworks Configuration Management
- OpenText™ ZENworks Endpoint Security Management
- OpenText™ ZENworks Full Disk Encryption
- OpenText™ ZENworks Endpoint Software Patch Management
- OpenText™ ZENworks Asset Management
Solutions
Information Reimagined
Overview Information Reimagined
Get greater visibility and sharper insights from AI-driven information management. Ready to see how?
Artificial Intelligence
Overview Aviator AI
Break free from silos, streamline processes, and improve customer experiences with secure information management for AI
Industry
Overview Industry solutions
Improve efficiency, security, and customer satisfaction with OpenText
Enterprise Application
Overview Solutions for Enterprise Applications
Run processes faster and with less risk
Maximize sustained growth, value, and innovation with intelligent enterprise solutions from OpenText and SAP
Connect content to business processes for better productivity and stronger governance
Optimize Salesforce effectiveness by bringing together transactional data and unstructured content
Services
Services
Overview Services
Achieve digital transformation with guidance from certified experts
Professional Services
Modernize your information management with certified experts
Customer Success Services
Unlock the full potential of your information management solution
Support Services
Turn support into your strategic advantage
Managed Services
Extend IT teams with certified OpenText application experts
Learning Services
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Professional Services
Overview Professional Services
Modernize your information management with certified experts
Customer Success Services
Overview Customer Success Services
Unlock the full potential of your information management solution
Support Services
Overview Support Services
Turn support into your strategic advantage
Managed Services
Overview Managed Services
Extend IT teams with certified OpenText application experts
Learning Services
Overview Learning Services
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Partners
Find a Partner
Overview Find a partner
Information is the heartbeat of every organization. We build information management software so you can build the future
Cloud Partners
Overview Cloud Partners
OpenText partners with leading cloud infrastructure providers to offer the flexibility to run OpenText solutions anywhere
Migrate, optimize and manage information management solutions on AWS
Optimize performance and reduce costs with applications deployed on a secure, globally scaled platform
Accelerate migration and modernization with deployment in a highly secure and compliant public cloud
Enterprise Application Partners
Overview Enterprise Application Partners
OpenText partners with top enterprise app providers to unlock unstructured content for better business insights
Maximize sustained growth, value, and innovation with intelligent enterprise solutions from OpenText and SAP
Connect content to business processes for better productivity and stronger governance
Optimize Salesforce effectiveness by bringing together transactional data and unstructured content
Partner Solutions
Overview Partner Solutions
Discover flexible and innovative offerings designed to add value to OpenText solutions
Resources for Partners
Overview Resources for Partners
Discover the resources available to support and grow Partner capabilities
Support
Overview Customer Support
Get expert product and service support to accelerate issue resolution and keep business flows running efficiently
Resources
Overview Resources
Explore detailed services and consulting presentations, briefs, documentation and other resources
This page is available for the following regions.
Europe, Middle East and Africa
Asia–Pacific
What is Cyber Threat Hunting?
Overview
Cyber threat hunting is a forward-looking approach to internet security where threat hunters proactively search for security risks concealed within an organization’s network. Unlike more passive cybersecurity hunting strategies—like automated threat detection systems—cyber hunting actively seeks out previously undetected, unknown, or non-remediated threats that could have evaded your network’s automated defense systems.
Cyber threat hunting
What is hybrid IT?
Cybercriminals are becoming more sophisticated than ever, making cyber threat hunting an essential component of robust network, endpoint, and dataset security strategies. If an advanced external attacker or insider threat eludes initial network defense systems, they can remain undetected for months. During this time, they can gather sensitive data, compromise confidential information, or secure login credentials that enable them to sneak laterally across your networking environment.
Security personnel can no longer afford to sit back and wait for automated cyber threat detection systems to notify them of an impending attack. With cyber threat hunting, they can proactively identify potential vulnerabilities or threats before an attack can cause damage.
How does cyber threat hunting work?
Cyber threat hunting combines the human element with a software solution’s big data processing power. Human threat hunters—who use solutions and intelligence/data to find adversaries who may evade typical defenses—lean on data from complex security monitoring and analytics tools to help them proactively identify and neutralize threats.
Human intuition, strategic and ethical thinking, and creative problem solving play an integral role in the cyber hunting process. These human characteristics enable organizations to implement threat resolutions faster and more accurately than solely relying on automated threat detection tools.
What's required to start threat hunting?
For cyber threat hunting to work, threat hunters must first establish a baseline of anticipated or authorized events to better identify anomalies. Using this baseline and the latest threat intelligence, threat hunters can then comb through security data and information collected by threat detection technologies. These technologies can include security information and event management solutions (SIEM), managed detection and response (MDR), or other security analytics tools.
Once equipped with data from varied sources—such as endpoint, network, and cloud data—threat hunters can scour your systems for potential risks, suspicious activities, or triggers that deviate from the normal. If a known or potential threat is detected, threat hunters can develop hypotheses and in-depth network investigations. During these investigations, threat hunters attempt to discover whether a threat is malicious or benign, or whether the network is safeguarded adequately from new types of cyber threats.
Is cyber threat hunting a part of threat intelligence?
Cyber threat intelligence is a focus on the analysis, collection, and prioritization of data to improve our understanding of threats facing a business.
Threat hunting investigation types
There are three core threat hunting investigation types:
- Structured: This type of cybersecurity hunting is based on an indicator of attack, as well as an attacker’s tactics, techniques, and procedures (TTPs). Using the MITRE Adversary Tactics Techniques and Common Knowledge (ATT&CK®) framework, structured hunting enables threat hunters to identify a malicious actor before they can harm the network.
- Unstructured: Based on a trigger or indicator of compromise (IoC), threat hunters use unstructured hunting to search for any noticeable patterns throughout the network both before and after a trigger or IoC was found.
- Situational or threat-intelligence-based: Hypotheses are derived from situational circumstances, such as vulnerabilities discovered during a network risk assessment. With the latest threat intelligence, threat hunters can reference internal or crowdsourced data on cyberattack trends or attacker TTPs when analyzing their network.
In all three of these investigation types, threat hunters search through events for anomalies, weaknesses, or suspicious activity outside of anticipated or authorized events. If any security gaps or unusual activity are found, hunters can then patch the network before a cyberattack occurs or reoccurs.
The four steps of cyber threat hunting
To effectively initiate a cyber threat hunting program, there are four steps your security personnel should follow:
- Develop a hypothesis: Threat hunters should develop a hypothesis based on risks or vulnerabilities that might exist within the organization’s infrastructure, current threat intelligence or attacker TTPs, or from suspicious activity or a trigger that deviates from standard baseline activity. They can also use their knowledge, experience, and creative problem-solving skills to establish a threat hypothesis and decide on a path forward to test it.
- Begin the investigation: During an investigation, a threat hunter can lean on complex and historical datasets derived from threat hunting solutions such as SIEM, MDR, and User Entity Behavior Analytics. The investigation will push forward until the hypothesis is confirmed and anomalies are detected, or the hypothesis is found to be benign.
- Discover new patterns: When anomalies or malicious activity are found, the next step is to deploy a quick and efficient response. This could include disabling users, blocking IP addresses, implementing security patches, altering network configurations, updating authorization privileges, or introducing new identification requirements. As your security teams work to resolve network threats proactively, they will inherently learn threat actors’ TTPs and how they can mitigate these threats in the future.
- Respond, enrich, and automate: The job of threat hunting is never ending, as cybercriminals are always advancing and creating new network threats. Cyber threat hunting should become an everyday practice within your organization, operating alongside automated threat detection technologies and your security team's current threat identification and remediation processes.
What are the top challenges of cyber threat hunting?
Because cyber threat hunting takes a proactive, hands-on approach to threat detection and remediation, some organizations face significant challenges when implementing this security practice. For a cyber threat hunting program to be successful, an organization must have three key components working in harmony:
- Expert threat hunters: The human capital involved with cyber threat hunting is arguably the most critical component. Threat hunters must be experts in the threat landscape and be able to identify the warning signs of sophisticated attacks quickly.
- Comprehensive data: To properly seek out threats, hunters must have access to a wealth of data (both current and historical data) that provides visibility across an entire infrastructure. Without this aggregated data, threat hunters won’t be able to create informed threat hypotheses based on your endpoints, network, or cloud infrastructure.
- Up-to-date threat intelligence: Threat hunters must be equipped with the most up-to-date threat intelligence, enabling them to compare current cyberattack trends with internal data. Without knowing what new or trending threats exist, threat hunters won’t have the necessary information to analyze potential network threats correctly.
Deploying all three of these components and ensuring they seamlessly work together requires many organizational resources. Unfortunately, some security teams don’t have access to the right tools, personnel, or information to establish a full-scale cyber threat hunting program.
Discover managed cyber threat hunting with OpenText Cybersecurity
Successfully protecting your organization’s infrastructure requires a proactive approach rather than a reactive one. Gone are the days in which automated threat detection technologies are enough on their own to safeguard confidential data or information. Instead, your security teams must implement an ongoing cyber threat hunting program that enables them to create informed hypotheses and pinpoint network anomalies, risks, or suspicious activity before an external attacker or insider threat can cause damage.
Searching for a managed service to deliver cyber threat hunting without need to invest in software and resources? OpenText™ Security Services provides point-in-time threat hunts and subscription-based services to perform situational-, unstructured-, and structured-based threats and identify anomalies, weaknesses, and suspicious activities. Combined with our expertise in risk and compliance, digital forensics, and incident response, our customers trust OpenText to improve their cyber resilience.
Resources
Related products
OpenText™ Cybersecurity Cloud
Defend with precision, secure with confidence
OpenText™ Enterprise Security Manager
Speed threat detection and response with real-time correlation and native SOAR
OpenText™ Core Behavioral Signals
Proactively detect insider risks, novel attacks, and advanced persistent threats
OpenText™ Security Log Analytics
Accelerate threat detection with insightful, actionable security insights
Threat detection and response
Find and respond to cyber threats that matter
