Kaspersky has announced a major update to its Threat Intelligence Portal (TIP), introducing a new Hunt Hub section alongside an enhanced MITRE ATT&CK coverage map and a significantly expanded vulnerabilities database. The update strengthens organizations’ ability to investigate threats, understand adversary behavior, and proactively monitor the most relevant risks across their environments.
According to the Kaspersky Security Bulletin 2025 report, Kaspersky’s detection systems discovered an average of 500,000 malicious files per day in 2025, marking a 7% increase compared to the previous year. As cyberattacks become more sophisticated and frequent, security teams need more than alerts – they need clarity.
The newly launched Hunt Hub is designed to address growing market demand for greater transparency and deeper insight into how modern detection technologies work. Integrated into the Threat Landscape section of the Threat Intelligence Portal, Hunt Hub provides centralized access to Kaspersky’s threat hunting expertise and detection knowledge.
Hunt Hub includes Kaspersky Next EDR Expert hunts, also known as indicators of attack (IoA) or detection rules. All portal users can explore the catalogue of hunts and their descriptions, while Kaspersky Next EDR Expert customers gain extended access to detailed recommendations and detection logic presented in a convenient, SIGMA-like format. Each hunt is mapped to relevant MITRE ATT&CK tactics and techniques and linked to known threat actors, giving analysts clear context behind every detection.
By making detection logic visible and structured, Hunt Hub effectively removes the “black box” from threat detection. It allows security teams not only to respond to alerts, but also to understand why a detection was triggered and which threat it is designed to uncover – improving trust in security technologies and increasing the efficiency of threat investigation processes.
As part of the update, the MITRE ATT&CK coverage map within the Threat Landscape has been significantly enhanced. The portal now brings together product coverage across SIEM, EDR, NDR and Sandbox solutions, MITRE ATT&CK techniques with scoring, coverage percentages, and related Kaspersky Next EDR Expert hunts in a single, unified view. This enables organizations to assess how well their security stack covers relevant attack techniques and identify potential gaps in protection.
The Vulnerabilities section has also been expanded, with the CVE database now covering nearly 300,000 vulnerabilities. In addition, the portal provides more detailed information on vulnerabilities that have been exploited in real-world attacks, helping organizations prioritize remediation efforts based on actual threat activity.
“With the launch of Hunt Hub in the Kaspersky Threat Intelligence Portal, we are opening up our detection expertise and giving analysts clear visibility into how and why threats are detected. This transparency helps organizations move from reactive alert handling to informed threat hunting and proactive risk management,” comments Nikita Nazarov, Head of Threat Exploration at Kaspersky.
To learn more about Kaspersky Threat Intelligent Services, please follow the link.
