"Multi-tenant application platforms represent the state-of-the-art for cloud-based business applications"
Yefim Natis, VP, Distinguished Analyst
HAWK.io – Cloud Based Security Analytics As A Service
HAWK.io is a multi-tenant cloud-based big data security analytics platform. HAWK.io uses rich analytics and artificial intelligence in real time on all of your IT machine data to accurately detect, validate, and prioritize only relevant security incidents. SecOps personnel are notified with information about incidents.
Details included are:
- Timeline of attack chain
- Interactions and lateral movements of users, systems and applications
- Disclosure of why it qualified as an incident
- Raw event data for forensic investigation
Solution
HAWK.io replaces existing on-premise SIEM by providing rich BDSA as a cloud-based service featuring:
- Rapid, assisted onboarding of user, application, and asset log/machine data
- No-touch software updates
- Support for mixed cloud-based and on-premise-based data sources
- High availability – 99.9% guaranteed
- Easy-to-use web-based portal into all of the collected data, along with real-time alerting and incident management when analytics detect an incident
- Concierge service provides off-hours notification/escalation about detected incidents that require attention
- Customizable dashboards
Benefits
Easy to Use
- Quickly stand up a SOC that leverages advanced security analytics and reporting, in days rather than weeks or months
- Analytics that cover all users, applications, and assets
- Receive only accurate security incidents instead of a flood of alerts
- Simple, effective Incident Workflow Management
Low Cost
- Simple consumption-based pricing model allows for flexibility and affordability as IT environments change over time
- Attractive to companies with security monitoring/reporting requirements but with smaller budgets for IT/security staffing and software/hardware expenditures
High Value
- Delivers accurate, actionable security incidents
- Reporting that is highly configurable and high performance
- Effective analytics can automate Level 1 SOC operations, eliminating the need for additional FTEs and enabling Level 2 security analysts to be more effective
- Rapid time-to-efficiency