HAWK's eyeCon-BDSA (Big Data Security) Platform goes beyond simply seeing the threat, allowing you to monitor, prioritize, and manage the impact and the extent of immediate and advanced persistent threats (APT).
HAWK eyeCon-BDSA correlates alerts from logs across all networked systems and performs streaming behavioral analytics of users, assets, and applications across the enterprise to identify potential security events. You can then investigate these events, analyze security trends, and view reports via your secure web portal. Our event correlation and information management service gives customers the means to detect true indicators of compromise (IOC) early and to facilitate their containment.
- Fully capable security event correlation with benefit of behavioral analytics across users, applications, and assets
- Ability to collect, correlate, and manage Big Data
- True many to many correlation
- Configurable scoring system
- Deliver actionable security events
- Complete reporting for Regulatory Compliance
Grid Architecture and Distributed Correlation Engines
The unique, patented eyeCon-BDSA platform allows organizations of any size to seamlessly scale their security intelligence infrastructure across the enterprise. Using an advanced patented scoring system, HAWK integrates and correlates information from devices and applications, heuristically learns the attributes of metadata, binary, and payload data, and adds context to reduce logging 'noise' to a manageable number of events worthy of further investigation. Security Analysts can then access the data through a single, comprehensive user interface without having to be a Data Scientist.
The HAWK team had the unique needs of cloud hosting environments clearly in mind when they built HAWK eyeCon-X. eyeCon-X delivers all of the benefits and functionality that HAWK's eyeCon-BDSA provides while also providing true multi-tenancy and controlled individual customer views and policies right out of the box. HAWK's eyeCon-X is a single-vendor solution that will scale to even the largest hosting and managed security services provider environments.
eyeCon-X is designed to make security analysts more effective in recognizing advanced persistent threats (APTs) and efficient in recommending responsive action to indicators of compromise (IOCs).
- True Multi-Tenant Architecture
- Parallel queries against multiple database shards/Grid Architecture
- Access a fully virtual environment
- Isolate and federate customer data
- Provide individual access rights
- Create separate policies for each client
- Grid Architecture to handle BIG DATA
- Individual customer portals
The HAWK eyeCon-VSA (Visual Security Analytics) is for customers looking for streaming advanced analytics applied to their existing SIEM/Log Management product. eyeCon-VSA delivers all of the security analytical capabilities that HAWK’s full-featured eyeCon-BDSA provides but without requiring a replacement of existing investments in SIEM or Log Management products. HAWK eyeCon-VSA delivers true BDSA value to customers who want to continue to leverage existing log/event aggregator products.
HAWK eyeCon-VSA complements any SIEM or Log Aggregation solution by:
- Applying enriched streaming analytics to your existing solution
- Reading, parsing, and normalizing data from your existing solution
- Storing raw payload data on all incidents for investigations and forensics