The Cyber Hawk process can be broken down into five simple steps:
Install Cyber Hawk appliance on your network.
Customize your Security Policies. The policies turn off/on corresponding alerting.
Cyber Hawk will run daily scans automatically and send an alert whenever it detects a change or threat to the network.
For certain anomalous activity Cyber Hawk will send an email from your IT organization asking your designated stakeholder (e.g. – HR, Accounting) whether the detected issue needs to be investigated further or can be ignored.
You work to resolve issues within our user-friendly portal which exposes the issues along with step by step remediation suggestions.
Machine Learning with Smart Tags
Cyber Hawk uses ‘smart tags’, a feature that allows it to adapt to your unique environment. Smart tags enrich the detection system by adding information about specific users, assets, and settings. These tags help Cyber Hawk gain intelligence about what it detects. Over time, the tags increase the quality of the alerts by displaying more potential threats and fewer false positives. Examples of how you might use the smart tags to fine-tune Cyber Hawk’s alerts for your specific environment:
Tag a computer as being “Restricted IT Admin Only.” When any user logs in who hasn’t been tagged as an “IT Admin”, Cyber Hawk will send an alert.
Tag a computer as “Locked Down,” identifying it as a system that should not have changes made to it. If someone manages to install an application on this machine, Cyber Hawk will detect it and let you know.
Tag a wireless network as a “Guest Wireless Network,” alerting Cyber Hawk that it doesn’t need to worry about new devices appearing on it.
Smart tags can be added or modified on-the-fly at any time, allowing you to first see the alerts Cyber Hawk sends and then “tweak” the tags as needed. If you choose to ignore an alert, the system will automatically generate a new smart tag to prevent similar “false positives” from being generated. The more you use Cyber Hawk, the more it works with you to streamline your service delivery.
Close Your Insider Threat Security Gap With Cyber Hawk Enterprise