Cyber Hawk

HOW IT WORKS

Overview     |     Features     |     Alerting     |     How it works

Internal Security Made Easy

The Cyber Hawk process can be broken down into 4 simple steps:

Machine Learning with Smart Tags

Cyber Hawk uses ‘smart tags’, a feature that allows it to adapt to each unique client environment. Smart tags enrich the detection system by adding information about specific users, assets, and settings. These tags help Cyber Hawk gain intelligence about what it detects. Over time, the tags increase the quality of the alerts by displaying more potential threats and fewer false positives. Here’s how you might use smart tags to fine-tune Cyber Hawk’s alerts for a particular client:

  1. Tag a computer as being “Restricted IT Admin Only.” When any user logs in who hasn’t been tagged as an “IT Admin”, Cyber Hawk will send an alert.
  2. Tag a computer as “Locked Down,” disabling changes from being made to it. If someone manages to install an application on this machine, Cyber Hawk will sense it and let you know. This is one example of the way tagging removes false positives and increase the relevance of alerts.
  3. Tag a wireless network as a “Guest Wireless Network,” alerting Cyber Hawk that it doesn’t need to worry about new devices appearing on it. If a new device shows up on a network not tagged for guest access, Cyber Hawk will send an alert so you can determine the threat level.

Smart tags can be added or modified on the fly at any time, allowing you to first see the alerts Cyber Hawk sends and then “tweak” the tags as needed. If you choose to ignore an alert, the system will automatically generate a new smart tag to prevent similar “false positives” from being generated. The more you use Cyber Hawk, the more it works with you to streamline your service delivery.