The Cyber Hawk process can be broken down into 5 simple steps:
Install a single Cyber Hawk appliance on your customer’s network.
Configure the appliance by activating a set of Security Policies using the security check list form. The policies turn off/on corresponding alerting. You can also take advantage of built-in service plan templates or create your own for even easier configuration and standardization of service offerings across your customer base.
Cyber Hawk will run daily scans automatically and send an alert whenever it detects an unsanctioned change or threat to the network.
For certain anomalous activity Cyber Hawk will send an email with your company’s branding to your client asking whether the detected issue needs to be investigated further or can be ignored.
You work to resolve issues within our user friendly portal which exposes the issues along with step by step remediation suggestions. Cyber Hawk also has integrations to all major PSA software solutions.
Machine Learning with Smart Tags
Cyber Hawk uses ‘smart tags’, a feature that allows it to adapt to each unique client environment. Smart tags enrich the detection system by adding information about specific users, assets, and settings. These tags help Cyber Hawk gain intelligence about what it detects. Over time, the tags increase the quality of the alerts by displaying more potential threats and fewer false positives. Examples of how you might use the smart tags to fine-tune Cyber Hawk’s alerts for a particular client:
Tag a computer as being “Restricted IT Admin Only.” When any user logs in who hasn’t been tagged as an “IT Admin”, Cyber Hawk will send an alert.
Tag a computer as “Locked Down,” disabling changes from being made to it. If someone manages to install an application on this machine, Cyber Hawk will sense it and let you know. This is one example of the way tagging removes false positives and increase the relevance of alerts.
Tag a wireless network as a “Guest Wireless Network,” alerting Cyber Hawk that it doesn’t need to worry about new devices appearing on it. If a new device shows up on a network not tagged for guest access, Cyber Hawk will send an alert so you can determine the threat level.
Smart tags can be added or modified on the fly at any time, allowing you to first see the alerts Cyber Hawk sends and then “tweak” the tags as needed. If you choose to ignore an alert, the system will automatically generate a new smart tag to prevent similar “false positives” from being generated. The more you use Cyber Hawk, the more it works with you to streamline your service delivery.