Hexis Cyber Solutions Enhances HawkEye G Integrated Detection and Automated Response Capabilities

HANOVER. Md., March 01, 2016 — Hexis Cyber Solutions Inc. (Hexis), a wholly-owned subsidiary of The KEYW Holding Corporation (NASDAQ:KEYW), and a provider of advanced cybersecurity solutions for commercial companies and government agencies, is committed to the continuous innovation and development of its flagship next-generation endpoint security solution, HawkEye G. With a continued focus on enhancing its integrated malware and threat actor detection modules, enterprise platform support, and ecosystem partners, Hexis is pleased to announce current and forthcoming product enhancements to its HawkEye G solution.

Significant HawkEye G Release 4 Enhancements Demonstrate Continued Innovation

Hexis continues to focus on product innovation and the forthcoming HawkEye G release 4 will include several, significant enhancements.

Expanded network sandboxing integration.

HawkEye G Release 4 will include native, network sandboxing capabilities powered by Lastline, the only Full System Emulation (FUSE™) malware analysis platform.   Lastline was recognized by NSS Labs as a leader in Breach Detection in its 2015 Breach Detection System Comparative Evaluation.  This technology integration will add multi-protocol content extraction and network sandbox malware analysis to the HawkEye G product line without requiring additional appliances.  Network content will be extracted, verified, and submitted from the HawkEye G Network Sensor appliances to Lastline’s malware analysis sandbox for detonation, analysis, and scoring for false positive reduction or response actions based on real-time endpoint event data. Organizations can choose to leverage Lastline’s cloud-based or on-premise offerings for the analysis of Windows PE files, Microsoft Office documents, and PDF files extracted from HTTP and SMTP protocols on a single appliance.

Expanding Platform Coverage to Mac OS.

Hexis’ platform support includes Windows workstation and server, Red Hat Linux, and with Release 4 of HawkEye G, expands coverage to Mac OS X. “We continue to expand our platform support offerings to meet our customers’ growing needs for security on their end-user computing platforms. With the addition of Mac OS X support, we’ve set a high bar enabling organizations to improve their endpoint security posture across multiple operating systems, delivering multiple advanced malware detection engines, an expanding third-party ecosystem, and automated response capabilities from a single technology vendor,” explains Chris Carlson, Hexis VP of Product Management.

YARA Rules Support.

HawkEye G Release 4 adds support for customer-defined YARA rules via a YARA engine embedded in the HawkEye G Host Sensor.  This will enable multiple new capabilities including custom threat scoring in detection mode, automated quarantine file in response mode, and a new endpoint prevention module that performs process pre-execution suspension, inspection, and termination before malware begins to execute.  The prevention module runs locally on the endpoint in either online or offline modes without requiring connection to the HawkEye G Manager or cloud services to function.

“The team has worked tirelessly to develop these product enhancements for the HawkEye G Release 4. We are confident that these additions to the product will empower our enterprise and government customers to better prevent, detect, and respond to ever-changing malicious attacks,” says Chris Fedde, President, Hexis Cyber Solutions.

Hexis HawkEye G App for Splunk™

Built from the ground up with integration in mind, Hexis strives to continuously expand and improve our technology integrations and partnerships with the goal of increasing the value of our solution and enhancing ROI for customers.

With this in mind, we are pleased to announce the release of Hexis HawkEye G App for Splunk, which is now available for download on the Splunk marketplace.  The HawkEye G App for Splunk presents a real-time situational overview of the HawkEye G deployment, including dashboards, reports, search and alerting on endpoint and network threat activity, threat scoring, automated and machine-guided remediation activity, and system health and status