ReaQta > Carbanak+FIN7 Configuration
ReaQta Configuration
Product Versions
- ReaQta-Hive Windows: 3.3.11
- ReaQta-Hive Linux: 0.50.0
- ReaQta-Hive Server: 3.3.99
Product Description
ReaQta-Hive is an AI-powered endpoint security platform that leverages Dynamic Behavioral Analysis to identify and block the most advanced attacks, including zero-day threats, in-memory malware and ransomware. Consolidated on a single and elegant dashboard, ReaQta streamlines the work of security analysts by automatically mapping the relevant MITRE ATT&CK events to existing security alerts and threat hunting activities. Attackers’ operations are broken down in stages, making it easy for analysts to identify the phases of the cyber kill-chain that have been reached for efficient, real-time remediation.
ReaQta-Hive makes the MITRE ATT&CK framework an integral part of its operations to speed up and simplify the work of security professionals, while providing in-depth visibility over complex behaviors.
ReaQta-Hive
ReaQta-Hive’s learning models profile the normal behaviour of each endpoint, enabling greater accuracy in detections and alerts when there are deviations from the norm. ReaQta-Hive’s algorithmic approach does not require the use of any managed service capabilities for detection, considerably reducing the workload for SOC teams and MSSPs.
ReaQta’s dashboard lays out a resolution workflow to guide analysts by providing risk indicators, impact assessment and a clear list of high-level activities conducted by attackers, without requiring manual analysis. A powerful threat hunting interface enables security teams to look for suspicious activities in real-time and to discover and aggregate MITRE ATT&CK techniques for easier assessment.

With a unique set of engines capable of continuous learning at both the endpoint and infrastructural levels, ReaQta-Hive can be deployed on-cloud, on-premise and in completely isolated environments, without degradation of performance.
ReaQta’s NanoOS technology
MITRE Engenuity Note: NanoOS was not included in this round's evaluation due to test setup.
ReaQta’s proprietary NanoOS technology is a live-hypervisor component that provides deep visibility into endpoint behaviour by enabling monitoring from the hypervisor (Ring -1) layer. The feature is used to acquire low-level information and detect anomalies, but it was disabled during the evaluation due to restrictions on the testing environment.
Primary features of NanoOS:
- Is invisible to malware, ensuring attack resilience
- Inspects the OS without modifying running applications or adding hooks that may generate instabilities
- Accurate, reliable data collection even in adversarial scenarios like post-breach assessments
- Little performance impact (<1% CPU)
ReaQta-Hive supports Windows, Linux, macOS, and Android endpoints, allowing analysts to make use of a single agent to contextualize and respond to threats.
Product Configuration
- NanoOS: Disabled (due to restrictions in the testing environment)
- Quarantine: Disabled
- Anti-Malware: Disabled
- Protection Policies: Disabled
- Anti-Ransomware: Detection Only
- Telemetry level: Standard
- DeStra: Enabled