Daily Alerts and Weekly Notices Keep You Ahead of Any Internal Threat
Cyber Hawk keeps you posted of any potential internal security issues going on inside your client’s network. Set the time for the daily scan and Cyber Hawk reports back with an email alert sent to any address you specify, including your own ticketing system. The daily alerts aggregate the issues that were detected during the past 24 hours and can be sorted either by priority/severity (high, medium and low) of the threat, or by the type of issue (threat, anomaly, change).
There are dozens of alerts based on network changes, anomalous activity, vulnerabilities and misconfigurations. Here’s a small sample along with their category and alert type:
Category
ACT
Alert
Wireless
Threat
Unauthorized wireless connection
Access Control
Change
New profile (Business Owner’s computer)
Computers
Change
Application installed on locked down system
Computers
Change
Removable drive added to locked down system
Access Control
Change
Administrative rights granted
Access Control
Threat
Unauthorized access to IT restricted computer
Access Control
Change
New device on restricted network
Access Control
Threat
Unauthorized access to accounting computer
Access Control
Threat
Unauthorized access to CDE
Access Control
Threat
Unauthorized access to ePHI
Access Control
Change
Unauthorized printer on network
Access Control
Anomaly
Suspicious user logons by single desktop user
Computers
Threat
Internet restriction not enforced
Computers
Threat
Critical patches not applied timely on DMZ computer
Computers
Threat
Critical patches not applied timely
Access Control
Change
New profile
Access Control
Change
New user
Access Control
Anomaly
Unusual logon to computer by user
Access Control
Anomaly
Unusual logon time by user
Network Security
Threat
New High Severity Internal Vulnerability
Network Security
Threat
New Medium Severity Internal Vulnerability
Access Control
Change
Local User Admin User Added
Even though Cyber Hawk sends you alerts on a daily basis on any potential threat it finds, once a week it will send you a tight summary of all changes to the network that were made during the prior week. This gives you a quick at-a-glance summary of changes that didn’t trigger a alert but still might be worth a quick review.
Changes included in Cyber Hawk’s weekly report fall into the following objects and categories:
Category
Sub-Category
Network
Wireless Networks
Network Devices
Domain Users
Computers
Printers
DNS
Switch Port Connections
Local Users
Security
New Internal Vulnerability
LET US SHOW YOU HOW IT WORKS!
Want to learn more or get pricing? Use the GET A QUOTE. If you’re ready for a customized one-on-one demo, use the REQUEST DEMO button below.
