Advanced Persistent Threats are those that are able to slip past even the most cutting-edge security defenses, due in large part to a very clever strategy. The people behind successful APTs often research the employees, defenses and practices of the companies they want to attack. Leading APT solutions, listed here with their cost and pricing, include Endgame, Infocyte and Sqrrl (acquired by Amazon).
Endgame threat hunting overview and pricing
Organizations spent $75 billion on security last year, yet they still face breaches at an alarming rate. Endgame exists to transform that paradigm and not accept breaches as the status quo.
Founded in 2008, Endgame is one of the oldest companies in the threat hunting industry. That makes sense given their signature product, which is also called Endgame. The company clearly defines the role of a threat hunter in terms of someone who can prevent, detect and respond to threats, both known and unknown, and builds its tool(s) around that philosophy.
How much does Endgame cost?
An example Endgame configuration starts at a price of $225,000 for 5,000 endpoints for an annual subscription and premium support.
Infocyte HUNT threat hunting overview and pricing
Founded by former Air Force officers in 2014, Infocyte HUNT was designed to replace, at a lower price, the sometimes months-long, labor-intensive hunting process that some government agencies were using at the time. HUNT is completely centered on network endpoints and has no need for additional sensors, which reduces the cost of Infocyte.
How much does Infocyte HUNT cost?
Pricing for Infocyte HUNT starts at a cost of $6,000 for 100 endpoint licenses with volume discounts available.
Sqrrl threat hunting overview and pricing (acquired by Amazon)
The Sqrrl Data Threat Hunting Platform was created by ex-employees of the National Security Agency in 2012. Sqrrl Data integrates into any network and collects data from the SIEM as well as other sources, such as outside threat data feeds, making its pricing more appealing. It is normally installed as software but can be run in a virtualized or even a cloud environment to reduce budgetary costs.
How much does Sqrrl cost?
Pricing for Sqrrl is based on the number of hunters who need to use the system and the amount of internal traffic data that needs to be analyzed. A system with a single hunter on a modest-sized network would start at $25,000. Given that the average successful breach can cost half a million dollars or more in direct and indirect costs, sponsoring a hunter and equipping them with Sqrrl seems like a good preemptive investment.