Hexis HawkEye G 4.0 Release Now Available
HawkEye G 4.0 Features Network Sandbox Capabilities Powered
by a Partnership with Lastline, a Cloud Offering, and Extended 24/7
HANOVER, Md., May 2, 2016 – Hexis Cyber Solutions Inc. (Hexis), a wholly-owned subsidiary of The KEYW Holding Corporation (NASDAQ: KEYW) and provider of advanced cybersecurity solutions for commercial companies and government agencies, announced today the general availability of HawkEye G 4.0. This release represents a continued focus on expanding the company’s core capabilities of integrated detection and automated response. Major highlights of this release include:
- Addition of network sandbox capabilities through a strategic partnership with Lastline. This enhances HawkEye G’s breach detection by combining industry-leading network sandboxing with its next-generation endpoint detection and response.
- Expanded and flexible deployment options for HawkEye G deployed in the cloud, on-premise, or a hybrid deployment.
- Managed Services Premium now available, providing organizations with continuous security monitoring and management around-the-clock 24/7.
Improved Detection Combines Industry Leading Network Sandboxing Powered by Lastline with HawkEye G Next-Generation Endpoint Detection and Response
HawkEye G 4.0 now offers network sandboxing capabilities powered by Lastline, the only Full System Emulation (FUSE™) malware analysis platform with one of the highest-rated scores for security effectiveness by independent testing company NSS Labs. The integration of network sandboxing powered by Lastline strengthens HawkEye G’s signature-less detection, improving an organization’s ability to detect and remediate unknown cyber threats. HawkEye G extracts suspicious multi-protocol content from network traffic and sends it to Lastline’s hosted or on-premise sandbox environment, where it is detonated and analyzed. Release 4.0 includes support for Windows PE executables, Microsoft Office documents, and PDF files in HTTP and SMTP traffic; future support will include Mac OS X Mach-O executables and Android APK binaries, delivering the most comprehensive coverage of file types and protocols available in the industry.
“The partnership between Hexis and Lastline provides a compelling offering for enterprises of all sizes looking to improve the visibility and detection of unknown threats at both the endpoint and network while eliminating point solutions from their enterprise,” explains Chris Carlson, VP of Product Management, Hexis Cyber Solutions. “This integrated offering provides organizations with industry-leading network sandboxing in addition to our award-winning next-generation endpoint detection and response capabilities.”
The Lastline partnership bolsters our integration capabilities with market-leading security technologies including FireEye™, Palo Alto Networks™ and Splunk™.
HawkEye G’s Next-Generation Endpoint Detection and Response Platform Now Available in Cloud and Hybrid Cloud Deployments
The release of HawkEye G 4.0 also includes a cloud offering. The single tenant cloud deployment provides an easy, secure way to leverage HawkEye G without needing to deploy and manage on-premise equipment. For customers who select the cloud deployment, Hexis offers a choice of geographic data center locations starting with the United States, with forthcoming datacenters in the United Kingdom, Germany, Australia and Japan.
“Whether you leverage HawkEye G in the cloud, on-premise, or a hybrid combination, the enhancements featured in HawkEye G 4.0 position us as the leading threat detection and automated response platform available today,” Chris Carlson states. “As we continue to bring innovative capabilities to the market, customers of all sizes will benefit from the advanced security protection we’re offering.”
Hexis Managed Services Premium Now Provides Continuous Security Monitoring and Management Around-the-Clock 24/7
Hexis also announces the availability of Managed Services Premium, providing customers with access to Hexis cyber security experts 24 hours a day, 7 days a week. This new offering expands comprehensive security management and monitoring of customer environments to include non-traditional business hours.
Big data analytics a useful security tool, says analyst
By Warwick Ashford – Security Editor – ComputerWeekly.com
The majority of companies using big data security analytics report a high business benefit, according to the Business Application Research Center
While data analytics from places like KNIME are already helping businesses to make sense of their data and use it to inform decisions within the company, big data analytics is a useful tool for enabling organisations to become more resilient in the face of increasing cyber attacks, according to a software market analyst and IT consultant.
“A recent survey found that 53% of organisations that are using big data security analytics report a ‘high’ business benefit,” said Carsten Bange, founder and managing director of the Business Application Research Center (Barc).
“The survey also found that 41% reported a ‘moderate’ benefit and only 6% said benefit was ‘low’, so there is fairly strong evidence of the business benefits of big data security analytics,” he told Computer Weekly.
While adoption across the board is still relatively low, more than two-thirds of the more advanced companies surveyed are adopting advanced big data security analytics technologies, such as user behaviour analytics, the Barc survey revealed. For example, Splunk is one of the leading big data analytics technologies being adopted by many companies. Hiring Splunk professional services to implement and leverage the tools has become common in big organizations.
The more advanced companies, which classified themselves as having “much better” skills and competency in security analytics than their companies, represented 13% of the total sample, with 68% saying they have deployed user behaviour analytics.
“Of the 87% who did not consider themselves to be in the more advanced group, only 27% have deployed user behaviour analytics,” said Bange.
User behaviour analytics can help improve an organisation’s cyber security resilience, he said, by tracking user behaviour across all IT systems, for example, to identify whenever there are significant deviations from normal behaviour to warn of potential malicious activity.
“There is nothing new in being able to identify patterns of behaviour – most of the analysis techniques are 30 to 40 years old – but now we are able to apply them to extremely large data sets across multiple information technology systems,” said Bange.
“Organisations need to know there is now the technology to support this kind of analysis that can be very beneficial in the field of information security. It can enable organisations to become more resilient through data-driven security decision-making, planning and incident responses,” he said.
Comparing the Top Big Data Security Analytics Tools
From Guest Contributor on TechTarget
Expert Dan Sullivan compares how the top-rated big data security analytics tools measure up against each other to help you select the right one for your organization.
In the near future, big data security analytics will become as common as malware detection and vulnerability scanning. That’s because these platforms allow enterprises to capture data from multiple, varied data sources, integrate that data in near real time, analyze patterns and detect malicious activity, as well as monitor, report and conduct forensic investigations.
This article highlights some of the most important features of several of the leading big data security analytics tool vendors — Cybereason, Fortscale, Hexis Cyber Solutions, IBM, LogRhythm, RSA and Splunk — against the five factors essential for realizing the full benefits of these platforms. These factors, as described in detail in the last article in this series, include:
- Unified data management
- Support for multiple data types, including log, vulnerability and flow
- Scalable data ingestion
- Information security-specific analytic tools
- Compliance reporting
3 ways SMBs can become more cyber resilient
With companies facing more risk of attacks, it’s vital to step up endpoint and network security
By Todd Weller, Special to ThirdCertainty – Vice President of Corporate Development at Hexis Cyber Solutions
Cyber attackers don’t discriminate based on company size. They focus on the value of the data they can steal. This means that most small and midsize businesses face much the same cyber exposures as large enterprises.
But due to cash flow and manpower constraints, SMBs face greater challenges when it comes to securing their networks. Unfortunately, attackers aren’t sympathetic and these challenges may result in SMBs being viewed as more attractive targets.
Based on the data breaches disclosed in 2014 and 2015, it is clear that cyber attacks have become a mainstream operational risk for all companies.
That said, there is no reason 2016 shouldn’t be a year in which companies, especially SMBs, make progress toward achieving cyber resilience. This should be a key objective for organizations of all sizes.
Cyber resilience requires organizations to have plans in place to prevent, detect, respond and recover rapidly from cyber attacks. In short, cyber attacks are now a business and operational risk and no longer just an IT risk.
The good news for SMBs is that steady improvement of the company’s security posture does not have to be an overwhelming endeavor. Here are three steps to put you on a path to become more cyber resilient in 2016:
- Improve visibility. Relying on detection technologies focused primarily on known threats no longer provides sufficient visibility. Detecting advanced threats requires deployment of behavior-based detection capabilities on both endpoints and networks. Continuous recording capabilities (analogous to a security camera) can be used reactively and proactively.
- Focus on integration. Some large organizations deploy solutions from hundreds of security vendors. SMBs with limited resources do not have that option. Fortunately, many cybersecurity vendors are moving toward integration of multiple detection capabilities. There is a growing trend of a provider offering both endpoint and network capabilities.
- Look into managed services. Monitoring and effectively responding to thousands of alerts can be daunting. This is why many SMBs are looking to consume security monitoring and response as a managed service. This may be through in-house assistance or from companies such as zzcomputer.com; it all depends on what a business needs. The good news for SMBs is that by going to a managed security services provider, they not only get access to a nice car, but also get a driver with it.
Hexis Cyber Solutions Enhances HawkEye G Integrated Detection and Automated Response Capabilities
HANOVER, Md., March 01, 2016 — Hexis Cyber Solutions Inc. (Hexis), a wholly-owned subsidiary of The KEYW Holding Corporation (NASDAQ: KEYW), and a provider of advanced cybersecurity solutions for commercial companies and government agencies, is committed to the continuous innovation and development of its flagship next-generation endpoint security solution, HawkEye G. With a continued focus on enhancing its integrated malware and threat actor detection modules, enterprise platform support, and ecosystem partners, Hexis is pleased to announce current and forthcoming product enhancements to its HawkEye G solution.
Significant HawkEye G Release 4 Enhancements Demonstrate Continued Innovation
Hexis continues to focus on product innovation, and the forthcoming HawkEye G Release 4 will include several significant enhancements.
Expanded network sandboxing integration.
HawkEye G Release 4 will include native, network sandboxing capabilities powered by Lastline, the only Full System Emulation (FUSE™) malware analysis platform. Lastline was recognized by NSS Labs as a leader in Breach Detection in its 2015 Breach Detection System Comparative Evaluation. This technology integration will add multi-protocol content extraction and network sandbox malware analysis to the HawkEye G product line without requiring additional appliances. Network content will be extracted, verified, and submitted from the HawkEye G Network Sensor appliances to Lastline’s malware analysis sandbox for detonation, analysis, and scoring for false positive reduction or response actions based on real-time endpoint event data. Organizations can choose to leverage Lastline’s cloud-based or on-premise offerings for the analysis of Windows PE files, Microsoft Office documents, and PDF files extracted from HTTP and SMTP protocols on a single appliance.
Expanding Platform Coverage to Mac OS.
Hexis’ platform support includes Windows workstation and server, Red Hat Linux, and with Release 4 of HawkEye G, expands coverage to Mac OS X. “We continue to expand our platform support offerings to meet our customers’ growing needs for security on their end-user computing platforms. With the addition of Mac OS X support, we’ve set a high bar enabling organizations to improve their endpoint security posture across multiple operating systems, delivering multiple advanced malware detection engines, an expanding third-party ecosystem, and automated response capabilities from a single technology vendor,” explains Chris Carlson, Hexis VP of Product Management.
YARA Rules Support.
HawkEye G Release 4 adds support for customer-defined YARA rules via a YARA engine embedded in the HawkEye G Host Sensor. This will enable multiple new capabilities, including custom threat scoring in detection mode, automated file quarantine in response mode, and a new endpoint prevention module that performs process pre-execution suspension, inspection, and termination before malware begins to execute. The prevention module runs locally on the endpoint in either online or offline modes without requiring connection to the HawkEye G Manager or cloud services to function.
“The team has worked tirelessly to develop these product enhancements for the HawkEye G Release 4. We are confident that these additions to the product will empower our enterprise and government customers to better prevent, detect, and respond to ever-changing malicious attacks,” says Chris Fedde, President, Hexis Cyber Solutions.
Hexis HawkEye G App for Splunk™
Built from the ground up with integration in mind, Hexis strives to continuously expand and improve our technology integrations and partnerships with the goal of increasing the value of our solution and enhancing ROI for customers.
With this in mind, we are pleased to announce the release of Hexis HawkEye G App for Splunk, which is now available for download on the Splunk marketplace. The HawkEye G App for Splunk presents a real-time situational overview of the HawkEye G deployment, including dashboards, reports, search and alerting on endpoint and network threat activity, threat scoring, automated and machine-guided remediation activity, and system health and status