The 2022 ATT&CK Evaluations for Managed Services Call for Participation is now open. Click here to learn how to participate.
Home  >  Enterprise  >  Participants  >  CyCraft  >  APT29 Configuration

CyCraft Configuration

Product Versions

Xensor Server 1.3

Xensor Engine 7.6.12

Xensor Agent 1.4.9

CyCarrier 1.13.5


CyCarrier AIR automates next-generation security operations from forensics, detection and response, incident response, threat hunting and remediation to deliver true AI-driven managed security services.

CyCarrier AIR collects endpoint evidence with Xensor, conducts automated correlation and behavior analysis across all evidence with CyCarrier, and enriches alerts with global threat intelligence from CyberTotal.

CyCarrier AIR follows CyCraft's guiding principles of being Automatic, Intelligent, Resilient to bring ROI-efficient cyber-resilience solutions to new heights.

Key advantages of CyCarrier AIR:

  • Illustrates the entire live topology of endpoints/networks/accounts based on both actual telemetry data and AI inference to empower analysts to see the full picture of the dynamic cyber landscape.
  • Visualizes with an AI-assisted cyber cockpit to oversee the latest sequence diagrams of attack paths - from initial stage (root cause), through privilege escalation and lateral movement, to data exfiltration. AI triggers alerts early in the kill chain, enabling analysts to respond to threats swiftly and precisely.
  • Discovers latent threats by correlating user and entity behaviors across all endpoints.
  • Provides multiple built-in sources of threat intelligence (OSINT, comercial INT, and proprietary INT such as blue team IR cases) to provide AI with rich pools of suspicious threats to hunt with.
  • Deploys flexibly with a user-friendly hybrid engine (one-time agentless scan or real-time agent) and hybrid platform (on-prem data center or SaaS private cloud).

Product Configuration

  • Scan Settings: Default
  • Scan Optimization: Enable All