AI-Powered Threat Detection Query Generation
The Cyber Threat Hunting System is an AI-powered tool developed by the Government of Canada to accelerate the creation of advanced security queries. Using generative AI models such as Anthropic Claude and Copilot, the system helps security professionals quickly develop Kusto Query Language (KQL) queries to detect potential cyber threats in internal security logs. This significantly reduces the time and complexity of writing advanced threat detection queries, particularly when correlating data across multiple security sources.
The system is currently in production and is used by Government of Canada employees to enhance cybersecurity operations. The system does not process personal information; it focuses exclusively on security event logs and threat detection queries. Security teams interact with the system by providing prompts, and the AI generates optimized query code that can be executed against internal security logs collected through Security Information and Event Management (SIEM) systems.