Network Detective

IT ASSESSMENTS & REPORTING

CLOUD ASSESSMENTS
Microsoft Cloud
IT ASSESSMENTS
Network Security Exchange SQL Server
COMPLIANCE ASSESSMENTS
HIPAA PCI
OVERVIEW

Cyber Hawk

INTERNAL THREAT DETECTION

Detect anomalous activity, suspicious network changes and threats caused by vulnerabilities and misconfigurations.

LEARN MORE

Compliance Manager

COMPLIANCE PROCESS AUTOMATION

Compliance-as-a-Service your customers can trust.

COMPLIANCE STANDARDS
OVERVIEW
VIEW ADDITIONAL RESOURCES

Looking for more information? Visit the Resources page for videos, eBooks, whitepapers and more!

Cyber Hawk

Daily Alerts and Weekly Notices Keep You Ahead of Any Internal Threat

Cyber Hawk keeps you posted of any potential internal security issues going on inside your client’s network. Set the time for the daily scan and Cyber Hawk reports back with an email alert sent to any address you specify, including your own ticketing system. The daily alerts aggregate the issues that were detected during the past 24 hours and can be sorted either by priority/severity (high, medium and low) of the threat, or by the type of issue (threat, anomaly, change).

 

There are dozens of alerts based on network changes, anomalous activity, vulnerabilities and misconfigurations. Here’s a small sample along with their category and alert type:

Category ACT Alert
Wireless Threat Unauthorized wireless connection
Access Control Change New profile (Business Owner’s computer)
Computers Change Application installed on locked down system
Computers Change Removable drive added to locked down system
Access Control Change Administrative rights granted
Access Control Threat Unauthorized access to IT restricted computer
Access Control Change New device on restricted network
Access Control Threat Unauthorized access to accounting computer
Access Control Threat Unauthorized access to CDE
Access Control Threat Unauthorized access to ePHI
Access Control Change Unauthorized printer on network
Access Control Anomaly Suspicious user logons by single desktop user
Computers Threat Internet restriction not enforced
Computers Threat Critical patches not applied timely on DMZ computer
Computers Threat Critical patches not applied timely
Access Control Change New profile
Access Control Change New user
Access Control Anomaly Unusual logon to computer by user
Access Control Anomaly Unusual logon time by user
Network Security Threat New High Severity Internal Vulnerability
Network Security Threat New Medium Severity Internal Vulnerability
Access Control Change Local User Admin User Added

Click here to download a PDF of sample daily alerts

Even though Cyber Hawk sends you alerts on a daily basis on any potential threat it finds, once a week it will send you a tight summary of all changes to the network that were made during the prior week. This gives you a quick at-a-glance summary of changes that didn’t trigger a alert but still might be worth a quick review.

 

Changes included in Cyber Hawk’s weekly report fall into the following objects and categories:

Category Sub-Category
Network Wireless Networks
Network Devices
Domain Users
Computers
Printers
DNS
Switch Port Connections
Local Users
Security New Internal Vulnerability

Download a PDF of sample weekly notice