Cyber Hawk keeps you posted of any potential internal security issues going on inside your client’s network. Set the time for the daily scan and Cyber Hawk reports back with an email alert sent to any address you specify, including your own ticketing system. The daily alerts aggregate the issues that were detected during the past 24 hours and can be sorted either by priority/severity (high, medium and low) of the threat, or by the type of issue (threat, anomaly, change).
There are dozens of alerts based on network changes, anomalous activity, vulnerabilities and misconfigurations. Here’s a small sample along with their category and alert type:
Category | ACT | Alert |
---|---|---|
Wireless | Threat | Unauthorized wireless connection |
Access Control | Change | New profile (Business Owner’s computer) |
Computers | Change | Application installed on locked down system |
Computers | Change | Removable drive added to locked down system |
Access Control | Change | Administrative rights granted |
Access Control | Threat | Unauthorized access to IT restricted computer |
Access Control | Change | New device on restricted network |
Access Control | Threat | Unauthorized access to accounting computer |
Access Control | Threat | Unauthorized access to CDE |
Access Control | Threat | Unauthorized access to ePHI |
Access Control | Change | Unauthorized printer on network |
Access Control | Anomaly | Suspicious user logons by single desktop user |
Computers | Threat | Internet restriction not enforced |
Computers | Threat | Critical patches not applied timely on DMZ computer |
Computers | Threat | Critical patches not applied timely |
Access Control | Change | New profile |
Access Control | Change | New user |
Access Control | Anomaly | Unusual logon to computer by user |
Access Control | Anomaly | Unusual logon time by user |
Network Security | Threat | New High Severity Internal Vulnerability |
Network Security | Threat | New Medium Severity Internal Vulnerability |
Access Control | Change | Local User Admin User Added |
Even though Cyber Hawk sends you alerts on a daily basis on any potential threat it finds, once a week it will send you a tight summary of all changes to the network that were made during the prior week. This gives you a quick at-a-glance summary of changes that didn’t trigger a alert but still might be worth a quick review.
Changes included in Cyber Hawk’s weekly report fall into the following objects and categories:
Category | Sub-Category |
---|---|
Network | Wireless Networks |
Network Devices | |
Domain Users | |
Computers | |
Printers | |
DNS | |
Switch Port Connections | |
Local Users | |
Security | New Internal Vulnerability |
Want to learn more or get pricing? Use the GET A QUOTE. If you’re ready for a customized one-on-one demo, use the REQUEST DEMO button below.