Logo Logo Logo Logo Logo
Assessment & Compliance Tools For Every IT Professional
  • PRODUCTS
    • Product Line Overview
    • Network Detective Pro
    • VulScan
    • Cyber Hawk
    • Compliance Manager GRC
  • SOLUTIONS
    • For MSPs
    • FOR IT DEPTs
  • SERVICES
    • Product Onboarding
    • Powered Services Pro
    • Semel Systems
  • RESOURCES
  • COMPANY
    • Contact Us
    • About Us
    • Customer Reviews
    • Blog
    • In the News
    • Press Releases
    • Subscription Info
    • Careers
    • Awards
    • Community
  • REQUEST A DEMO
  • CUSTOMER LOGIN
  • Upcoming Events
  • REQUEST A QUOTE
  • CUSTOMER LOGIN
  • UPCOMING EVENTS
  • PRODUCTS
    • Product Line Overview
    • Network Detective Pro
    • VulScan
    • Cyber Hawk
    • Compliance Manager GRC
  • SOLUTIONS
    • For MSPs
    • FOR IT DEPTs
  • SERVICES
    • Product Onboarding
    • Powered Services Pro
    • Semel Systems
  • RESOURCES
  • COMPANY
    • Contact Us
    • About Us
    • Customer Reviews
    • Blog
    • In the News
    • Press Releases
    • Subscription Info
    • Careers
    • Awards
    • Community
  • REQUEST A DEMO
  • CUSTOMER LOGIN
  • Upcoming Events
  • REQUEST A QUOTE
Cyber Hawk™
  • Overview
  • Features
  • Alerting
  • How it Works
  • Request A Demo
Cyber Hawk™
  • Overview
  • Features
  • Alerting
  • How it Works
  • Request A Demo

Cyber Hawk

Change Alerting

Add Another Layer of Risk Management

With Daily Critical Network Change Alerts

Cyber Hawk makes a daily sweep of your entire network looking for specific types of critical changes that you should check for potential security issues going on inside the networks you manage. Set the time for the daily scan and Cyber Hawk reports back with an alert sent to any email address you specify, including your own ticketing system. The daily alerts aggregate the issues that were detected during the past 24 hours and can be sorted either by potential impact (high, medium and low) of the change, or by the type of change.

 

There are dozens of change alerts that can be trigged by unauthorized access to your system, honest but dangerous configuration mistakes, or suspicious end-user behaviors — the kinds of potential threats that vulnreability scanning along can’t catch. Here’s a sample:

Category Change Alert
Wireless New connection to unauthorized wireless access point
Access Control New profile (Business Owner’s computer)
Computers New application installed on locked down system
Computers New removable drive added to locked down system
Access Control New administrative rights granted
Access Control New unauthorized access to IT restricted computer
Network Security New device on restricted network
Access Control New unauthorized access to accounting computer
Access Control New unauthorized access to CDE
Access Control New unauthorized access to ePHI
Access Control New unauthorized printer on network
Access Control New suspicious user logons by single desktop user
Computers Internet access changed from restricted to not enforced
Computers Critical patches no longer applied timely on DMZ computer
Computers Critical patches no longer applied timely
Access Control New profile added
Access Control New user added
Access Control New unusual logon to computer by user
Access Control New unusual logon time by user
Network Security New High Severity Internal Vulnerability (with VulScan)
Network Security New Medium Severity Internal Vulnerability (with VulScan
Access Control Local User Admin User Added

Even though Cyber Hawk sends you change alerts on a daily basis on any potential threat it finds, once a week it also will send you a tight summary of all changes to the network that were made during the prior week. This gives you a quick at-a-glance summary of changes that didn’t trigger a alert but still might be worth a quick review.

 

Changes included in Cyber Hawk’s weekly report fall into the following objects with associated risks:

Object Risk Associated With Change in Object
Wireless Networks It’s not enough to train people to connect to safe and approve wireless network. To reduce risk you want to  detect when they are not.
Network Devices The addition or removal of network devices without approval and knowledge can lead to rogue, unmanaged devices which leads to increased risk.
Domain Users Users may be elevated to Domain Admin without your knowledge, either by accident or through access breach. Alerts on this type of change should always be reviewed and action should be taken immediately if the change was unauthorized.
Computers The addition or removal of computers without approval and knowledge can lead to rogue, unmanaged devices which leads to increased risk.
Printers The addition or removal of printers without approval and knowledge can lead to rogue, unmanaged devices which leads to increased risk.
DNS Changes in DNS are indicators that someone may be attaching a device to the network or making potentially harmful changes that may results in security issues or availability issues.
Switch Port Connections Changes in Switch Port Connections are indicators that someone may be attaching a device to the network, detected by inspecting what is plugged into each switch and comparing to the last connection.
Local Users The addition or removal of local users can lead to stealth ID and backdoors that could lead to security issues in the future.  A single user might be an administrator on their own computer and adding/removing local user accounts.
New Internal Vulnerability Changes in the set of vulnerabilities should always be evaluated and monitored (available with VulScan Integration).

 

Add Internal Vulnerability Scan Results To Your Alerts & Reports

When you add VulScan to your layered approach to risk management, Cyber Hawk will automatically access the latest VulScan internal vulnerability scan results and seemlessly incorporate the discovered vulnerabilities into a single, unified Change Detection and Management system.

LET US SHOW YOU HOW IT WORKS!

Want to learn more or get pricing? Use the GET A QUOTE. If you’re ready for a customized one-on-one demo, use the REQUEST DEMO button below.

GET A QUOTEREQUEST DEMO
RapidFire Tools - A Kaseya Company

follow us

Request A Demo
Request A Quote
Company Information

RapidFire Tools, Inc.
1117 Perimeter Center West
Suite E-501
Atlanta, GA 30338
678.323.1300

PRODUCTS
  • Network Detective Pro
  • VulScan
  • Cyber Hawk
  • Compliance Manager GRC
SERVICES
  • Product Onboarding
  • Semel Systems
  • Powered Services Pro
QUICK LINKS
  • Blog
  • Resource Center
  • Customer Reviews
  • Awards
  • Events
  • Community
Company Links
  • About Us
  • Press Releases
  • Careers
  • Contact Us
  • In the News
Read VulScan reviews on G2
  • Copyright © 2023 RapidFire Tools, Inc. All rights reserved.
  • |
  • Home
  • |
  • Legal
  • |
  • Privacy
  • |
  • Data Usage
  • |
  • Terms Of Use
  • |
  • Cookies Settings