Kestrel Threat Hunting Language

Hunt faster, easier, and with more fun!

The Kestrel threat hunting language provides an abstraction that lets threat hunters focus on high-value, composable threat hypothesis development instead of the specific realization of hypothesis testing across heterogeneous data sources, threat intelligence, and public or proprietary analytics.

The Kestrel GitHub repo is the official portal for everything Kestrel beyond this documentation: news, demo, tutorial, sandbox, huntbooks, analytics, blogs, talks, community entrances, and more.
