Integrated Detection – Automated Response
HawkEye G is a next-generation threat investigation and automated malware removal solution that lets you continuously detect, investigate and remove advanced threats within the network before they can steal data, compromise intellectual property or cause process disruption.
It seems that every day there are reports of attacks in which the attackers are smarter and stealthier than before, using exploitation techniques that bypass traditional perimeter defenses to enter the network. Once inside, they have ample time and opportunity to do damage. The 2013 Verizon Data Breach report states that 66% of breaches remained undiscovered for months or even years. Identifying potential threats immediately is a must, and up until now it was extremely difficult – enter HawkEye G.
With HawkEye G, you have complete visibility into what’s happening on your networks and endpoints. The integrated platform collects information from a variety of sources, including the real-time endpoint sensors, network edge detection and a growing third-party ecosystem, to pick up on each and every threat attacking your system.
Once threats are detected, HawkEye G is not going to inundate you with alerts that you probably will not have time to investigate. Instead, it is designed to help you know which threats matter, which are false positives and what really needs your attention. Not only does the solution provide you complete visibility to all alerts from the network and the endpoints, but it can also verify the alert so your team is focusing on the threats that need the most attention.
Now comes the true power of HawkEye G: once it has determined the threats that need your attention, you’re able to respond:
Step 1: Create Rules of Engagement
Organizations need to have policies in place that empower incident response and security teams to act quickly in remediating and removing threats. By using HawkEye G Threat Score capabilities, organizations can apply different types of responses based on the threat score. For example, if you have high confidence that a threat against a high-value asset is legitimate, stop the threat and notify your director for removal protocol.
Step 2: Ensure You Have an Array of Countermeasures in Place
In order for your policies to be effective, organizations should make sure that they have a variety of countermeasures in place to respond to an attack. HawkEye G allows companies the flexibility to take a variety of actions, including:
- Log the attack and alert
- Block or deflect the communication
- Kill process
Companies are using HawkEye G to actively defend their environments against malware by:
- Collecting and analyzing host and network data, as well as 3rd-party data, to identify malicious code that has breached the perimeter and is in the network
- Conducting security and forensics investigations at machine speed with agentless methods
- Determining a comprehensive threat removal strategy that minimizes impact on the business
- Implementing automated or machine-guided policy-based countermeasures to surgically remove threats
- Gaining real-time protection against emerging threats with new analytics, countermeasures and software updates through the cloud