Kaspersky Unveils Hunt Hub to Boost Transparency in Threat Detection

Editor’s note: Kaspersky has rolled out a significant update to its Threat Intelligence Portal, adding a new Hunt Hub alongside expanded MITRE ATT&CK coverage and a much larger vulnerabilities database. The update is aimed at giving security teams clearer visibility into how threats are detected, why alerts are triggered, and which risks matter most in real-world environments. As cyberattacks grow in volume and complexity, the focus shifts from raw alerts to context and prioritization. This release positions threat intelligence as a practical decision-making tool for analysts, CISOs, and organizations managing increasingly complex digital infrastructures.

Key points

• Hunt Hub centralizes Kaspersky’s threat hunting rules and detection logic, mapped to MITRE ATT&CK techniques.
• Detection logic is presented in a structured, SIGMA-like format for deeper analyst understanding.
• The MITRE ATT&CK coverage map now unifies SIEM, EDR, NDR, and Sandbox visibility in one view.
• The vulnerabilities database has expanded to nearly 300,000 CVEs, with emphasis on exploited threats.

Why this matters

For organizations facing a rising volume of sophisticated cyber threats, transparency and prioritization are critical. By exposing detection logic and linking it directly to attacker behavior and real-world vulnerabilities, the updated portal helps security teams move beyond reactive alert handling. This approach supports more efficient threat hunting, better risk assessment, and smarter allocation of defensive resources, which is especially relevant as digital infrastructure, cloud services, and enterprise networks continue to expand.

What to watch next

• Adoption of Hunt Hub by security operations teams and threat hunters.
• How organizations use the unified MITRE ATT&CK view to assess security gaps.
• Updates to hunt libraries and vulnerability intelligence over time.

Disclosure: The content below is a press release provided by the company/PR representative. It is published for informational purposes.

Kaspersky has announced a major update to its Threat Intelligence Portal (TIP), introducing a new Hunt Hub section alongside an enhanced MITRE ATT&CK coverage map and a significantly expanded vulnerabilities database. The update strengthens organizations’ ability to investigate threats, understand adversary behavior, and proactively monitor the most relevant risks across their environments.

According to the Kaspersky Security Bulletin 2025 report, Kaspersky’s detection systems discovered an average of 500,000 malicious files per day in 2025, marking a 7% increase compared to the previous year. As cyberattacks become more sophisticated and frequent, security teams need more than alerts – they need clarity.

The newly launched Hunt Hub is designed to address growing market demand for greater transparency and deeper insight into how modern detection technologies work. Integrated into the Threat Landscape section of the Threat Intelligence Portal, Hunt Hub provides centralized access to Kaspersky’s threat hunting expertise and detection knowledge.

Hunt Hub includes Kaspersky Next EDR Expert hunts, also known as indicators of attack (IoA) or detection rules. All portal users can explore the catalogue of hunts and their descriptions, while Kaspersky Next EDR Expert customers gain extended access to detailed recommendations and detection logic presented in a convenient, SIGMA-like format. Each hunt is mapped to relevant MITRE ATT&CK tactics and techniques and linked to known threat actors, giving analysts clear context behind every detection.

By making detection logic visible and structured, Hunt Hub effectively removes the “black box” from threat detection. It allows security teams not only to respond to alerts, but also to understand why a detection was triggered and which threat it is designed to uncover – improving trust in security technologies and increasing the efficiency of threat investigation processes.

As part of the update, the MITRE ATT&CK coverage map within the Threat Landscape has been significantly enhanced. The portal now brings together product coverage across SIEM, EDR, NDR and Sandbox solutions, MITRE ATT&CK techniques with scoring, coverage percentages, and related Kaspersky Next EDR Expert hunts in a single, unified view. This enables organizations to assess how well their security stack covers relevant attack techniques and identify potential gaps in protection.

The Vulnerabilities section has also been expanded, with the CVE database now covering nearly 300,000 vulnerabilities. In addition, the portal provides more detailed information on vulnerabilities that have been exploited in real-world attacks, helping organizations prioritize remediation efforts based on actual threat activity.

To learn more about Kaspersky Threat Intelligent Services, please follow the link.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company’s comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and nearly 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com

This article was originally published as Kaspersky Unveils Hunt Hub to Boost Transparency in Threat Detection on Crypto Breaking News – your trusted source for crypto news, Bitcoin news, and blockchain updates.