How are PulseLab insights generated?

PulseLab provides a high-level view of global threat activity derived from Web Application Firewall (WAF) telemetry. The insights shown throughout PulseLab are generated by HuntBot, HuntCode's AI-powered analysis engine.

Rather than offering a live chat interface inside PulseLab, HuntBot operates behind the scenes to analyze aggregated WAF activity and produce the structured insights displayed in the dashboard.

Powered by HuntCode's Core AI

HuntBot uses HuntCode's shared AI architecture, combining OpenAI language models with Retrieval-Augmented Generation (RAG) backed by AWS OpenSearch. This allows it to reason over recent WAF events, identify meaningful patterns, and generate clear, human-readable explanations.

The same core intelligence powers both PulseLab's automated insights and the standalone HuntBot interface used for interactive exploration and commands.

Focused on WAF Activity and Threat Patterns

For PulseLab, HuntBot is scoped specifically to WAF-related analysis. It analyzes sampled and aggregated blocked requests to surface insights that help explain what activity is occurring and why.

• Identify spikes in automated or suspicious traffic
• Highlight common attack paths and reconnaissance behavior
• Surface notable user agents and request pattern anomalies
• Summarize recent WAF activity within the selected analysis window
• Show regional trends and rule effectiveness

Read-Only and Context-Aware

HuntBot operates in a read-only analysis role for PulseLab. It cannot modify firewall rules, change infrastructure settings, or access external or private data sources. All insights are derived from the WAF activity available within PulseLab's configured analysis window.

As PulseLab evolves, additional data sources and deeper analysis may be introduced, but HuntBot will always operate within controlled and transparent boundaries.

For users who want to explore the data in more depth, HuntBot is available as a standalone assistant elsewhere in HuntCode. PulseLab focuses on presenting high-signal summaries, while HuntBot provides interactive analysis and command-based exploration when deeper investigation is needed.