SYS-CON MEDIA Authors: Ava Smith, Scott Bampton, Elizabeth White, Glenn Rossman, Pat Romanski

Blog Feed Post

HawkEye-G: Addressing key enterprise security technology needs

By

We have previously written about Hexis Cyber Solutions (see evaluation here). With this post we provide more context on some of the enterprise security needs addressed by HawkEye-G from Hexis.

The following are some key technology considerations from an enterprise technology perspective:

  • Over the years, CIOs, CTOs, CISOs and world class best cyber defense professionals have collaborated on the topic of best practices. These take the form of things like the NIST coordinated Special Publication 800-53 or the SANS coordinated 20 Critical Controls. Many other best practices exist for different domains of industry, for example, the credit card industry enforces PCI guidance. But in every case, following all controls and sticking with best practices never eliminates the threat. When a sophisticated adversary wants to breach your perimeter they get in. Technologies are needed that help in defense but more importantly help mitigate and remove malicious capabilities, since adversaries will get through.
  • The controls mentioned above do lay a nice foundation for what is needed (to borrow a phrase from military strategy, these are “necessary but not sufficient” to success). Most enterprises now use a collection of enterprise security capabilities to help execute on their defense in depth strategies and they provide capabilities for the controls mentioned above. For a technology to make positive differences in this domain it must have a proven ability to work with the many existing enterprise security technologies and controls. Integration of the data from existing capabilities is a key need.
  • When adversaries attack and get in it can take a long time before they are discovered. Analysis provided in the 2013 Verizon Data Breach Investigations Report underscores that the typical attack timeline has an adversary that gets into the enterprise fast, but then remain undetected for months. When detected it takes weeks or months for a well resourced/highly trained incident response team to mitigate the attack. Technologies are required that change this timeline to the defenders favor. When adversaries get in, tools are needed to rapidly spot them. And their actions, artifacts and malicious toolkits need to be removed at machine speed, before they have time to extract data.
  • Attacks are expensive. A typical incident will cost millions of dollars to respond to. Smart integration of technologies, analysis of data from the enterprise, and removal of threat capabilities before data is exfiltrated can save millions by preventing adversary success, and can also improve enterprise functionality.

Requirements like those above drove the design and development of HawkEye-G by Hexis. HawkEye-G is a solution that builds on defense in depth, builds on rapid/real-time big data analysis, works well with all other enterprise technologies, provides policy-based/configurable automated threat response/removal capabilities, and helps incident response teams do their job quicker.

Read more on HawkEye-G Here.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley, former CTO of the Defense Intelligence Agency (DIA), is Founder and CTO of Crucial Point LLC, a technology research and advisory firm providing fact based technology reviews in support of venture capital, private equity and emerging technology firms. He has extensive industry experience in intelligence and security and was awarded an intelligence community meritorious achievement award by AFCEA in 2008, and has also been recognized as an Infoworld Top 25 CTO and as one of the most fascinating communicators in Government IT by GovFresh.

Latest Stories
Compute virtualization has been transformational, yet security policy implementation and enforcement has lagged behind in agility and automation. There are a number of key considerations when implementing policy in private and hybrid clouds. In his session at 15th Cloud Expo, Holland Barry, VP of Technology at Catbird, will discuss the impact of this new paradigm and what organizations can do to...
Can we look to the paradigm of cloud computing from a completely different perspective? In his General Session at 15th Cloud Expo, Gundars Kulups, Sales Director at DEAC, will discuss what we can learn from our dining habits when choosing a cloud solution. Gundars Kulups is Sales Director at DEAC, full service data center operator. An IT expert, he specializes in European countries and has worke...
The 4th International DevOps Summit, co-located with16th International Cloud Expo – being held June 9-11, 2015, at the Javits Center in New York City, NY – announces that its Call for Papers is now open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and ...
SYS-CON Events announced today that SOA Software, an API management leader, will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. SOA Software is a leading provider of API Management and SOA Governance products that equip business to deliver APIs and SOA together to drive their company to mee...
As cloud gives an opportunity to businesses to buy services externally - how is cloud impacting your customers? In his General Session at 15th Cloud Expo, Fabio Gori, Director of Worldwide Cloud Marketing at Cisco, will provide answers to big questions: Do you see hybrid cloud as where the world is going? What benefits does it bring? And how does Cisco connect all of these clouds? He will also te...
SYS-CON Events announced today that TMCnet has been named “Media Sponsor” of SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Technology Marketing Corporation (TMC) is the world's leading business to business and integrated marketing media company, servicing niche markets within the communications and t...
SYS-CON Events announced today that Aria Systems, the recurring revenue expert, has been named "Bronze Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Aria Systems helps leading businesses connect their customers with the products and services they love. Industry leaders like Pitney Bowes, E...
We live in a time when seconds – even milliseconds – can have a dramatic economic impact on your company’s future. With technology being the primary conduit for consumer interaction, the user experience is at center stage. User experience will be a deciding factor in separating the future winners from the losers. By building more speed and agility into the application delivery process, DevOps prom...
SYS-CON Events announced today that Parasoft will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. For 27 years, Parasoft has researched and developed software solutions that help organizations deliver defect-free software efficiently. By integrating Development Testing, API/cloud/SOA/composi...
SYS-CON Events announced today that AgilePoint, the leading provider of Microsoft-centric Business Process Management software, will exhibit at SYS-CON's 2nd International @ThingsExpo which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. AgilePoint is the leading provider of Microsoft-based Business Process Management (BPM) software products, has 1,...