Daily Alerts And Weekly Notices Keep You Ahead Of Threats
Cyber Hawk keeps you posted on any potential internal security issues inside your client's network. Set the time for the daily scan and Cyber Hawk reports back with an email alert sent to any address you specify, including your own ticketing system. The daily alerts aggregate the issues that were detected during the past 24 hours and can be sorted either by priority/severity (high, medium, and low) of the threat, or by the type of issue (threat, anomaly, change).
Machine Learning With Smart Tags
Cyber Hawk uses smart tags, a feature that allows it to adapt to each unique client environment. Smart tags enrich the detection system by adding information about specific users, assets, and settings. These tags help Cyber Hawk gain intelligence about what it detects. Over time, the tags increase the quality of the alerts by displaying more potential threats and fewer false positives. Examples of how you might use the smart tags to fine-tune Cyber Hawk's alerts for a particular client:
- Tag a computer as being Restricted IT Admin Only. When any user logs in who hasn't been tagged as an IT Admin, Cyber Hawk will send an alert.
- Tag a computer as Locked Down, disabling changes from being made to it. If someone manages to install an application on this machine, Cyber Hawk will sense it and let you know. This is one example of the way tagging removes false positives and increases the relevance of alerts.
- Tag a wireless network as a Guest Wireless Network, alerting Cyber Hawk that it doesn't need to worry about new devices appearing on it. If a new device shows up on a network not tagged for guest access, Cyber Hawk will send an alert so you can determine the threat level.
Smart tags can be added or modified on the fly at any time, allowing you to first see the alerts Cyber Hawk sends and then tweak the tags as needed. If you choose to ignore an alert, the system will automatically generate a new smart tag to prevent similar false positives from being generated. The more you use Cyber Hawk, the more it works with you to streamline your service delivery.
| Category | ACT | Alert |
| --- | --- | --- |
| Wireless | Threat | Unauthorized wireless connection |
| Access Control | Change | New profile (Business Owner's computer) |
| Computers | Change | Application installed on locked down system |
| Computers | Change | Removable drive added to locked down system |
| Access Control | Change | Administrative rights granted |
| Access Control | Threat | Unauthorized access to IT restricted computer |
| Access Control | Change | New device on restricted network |
| Access Control | Threat | Unauthorized access to accounting computer |
| Access Control | Threat | Unauthorized access to CDE |
| Access Control | Threat | Unauthorized access to ePHI |
| Access Control | Change | Unauthorized printer on network |
| Access Control | Anomaly | Suspicious user logons by single desktop user |
| Computers | Threat | Internet restriction not enforced |
| Computers | Threat | Critical patches not applied timely on DMZ computer |
| Computers | Threat | Critical patches not applied timely |
| Access Control | Change | New profile |
| Access Control | Change | New user |
| Access Control | Anomaly | Unusual logon to computer by user |
| Access Control | Anomaly | Unusual logon time by user |
| Network Security | Threat | New High Severity Internal Vulnerability |
| Network Security | Threat | New Medium Severity Internal Vulnerability |
| Access Control | Change | Local User Admin User Added |