Threat Researcher

Threat Intelligence

What It Does

The Threat Researcher is your personal threat intelligence analyst. It monitors global threat feeds, tracks emerging attack patterns, and maps them directly to your clients' environments. When a new vulnerability is disclosed or a new attack campaign is detected, the Threat Researcher immediately assesses whether your clients are at risk. Data sources include: CVE databases, MITRE ATT&CK, AlienVault, AbuseIPDB, dark web monitoring, and honeypot networks.

How It Works

🔍 Discover

Map all assets

📊 Analyze

Identify patterns

⚡ Prioritize

Rank by risk

🛡️ Act

Remediate or alert

Capabilities

Real-time monitoring — Continuous analysis of your client environments
Automated response — Takes action without waiting for human approval
Intelligent escalation — Knows when to involve your team
Learning system — Improves accuracy based on your environment
Multi-tenant — Fully isolated per-client contexts

💡 Pro Tip

Check the agent configuration in your dashboard to tune sensitivity, alert thresholds, and auto-remediation settings for each client.

Configuration

Each agent is configurable per-client through the dashboard. You can adjust scan frequency, alert thresholds, auto-remediation rules, and notification preferences.

FAQ

How long does setup take?

Setup is automatic. Once the connector is deployed, the agent begins working within 60 seconds. No manual configuration required for the default protection profile.

What plan do I need?

This agent is available on all plans. Starter includes 2 agents, Pro and Ultimate include all 6.

Can I disable auto-remediation?

Yes. Auto-remediation is configurable per-client. You can set it to alert-only mode where the agent detects issues but waits for human approval before taking action.