HANOVER, Md., April 20, 2015 (GLOBE NEWSWIRE) — Hexis Cyber Solutions, Inc. (Hexis), a wholly-owned subsidiary of The KEYW Holding Corporation (Nasdaq:KEYW), and a provider of advanced cybersecurity solutions for commercial companies and government agencies, today announced a significant new release of its integrated cybersecurity platform, HawkEye G. New capabilities include ThreatSync™ for evidence-based detection and validation of unknown and known threats, and integration with third-party security technologies such as Palo Alto Networks and FireEye for detection and Splunk for increased threat intelligence.
New Capabilities Provide Accurate Policy-Based Automated Threat Removal
Point security solutions and manual remediation processes cannot adequately address today’s increasingly complex cyber threats. Point solutions lack the features, depth and speed needed to stop the external threat actors as they penetrate the perimeter, install malware, establish persistence and move laterally to reach the target. Furthermore, these point solutions generate large quantities of alerts and false positives, leaving it to the inundated incident responders and security teams to find serious threats hidden in all the alerts – making today’s networks more vulnerable than ever.
“Most industry benchmarks have concluded that the time between exploitation and discovery of malicious activity is measured in weeks, if not months,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Reducing the time required for detection and removal of cyber threats is the priority for security professionals today. Protecting business critical data, coupled with the overwhelming advanced skills shortage, has created the need for a unified solution that can detect, verify and remove threats at machine speed.”
In a recent report1 Forrester analysts John Kindervag and Stephanie Balaouras concur stating, “Given the consequences of data breaches, businesses can no longer rely on passive, manual procedures to defend against them. The only way to protect the exfiltration of our data by hackers and cybercriminals is to provide our security teams with a set of rules that will incentivize automated response.”
Working in conjunction with HawkEye G’s policy-based, automated threat removal engine, ThreatSync™ will lower the time between perimeter breach, detection and threat verification, thus empowering security teams to quickly and confidently defend themselves using machine speed removal of sophisticated adversaries.
New Analytics and Third Party Integrations Add More Context Improving Organizations’ Ability to Detect and Remove Threats
Leveraging threat fusion and analytics capabilities from ThreatSync™, and threat intelligence from third-party security solution providers, HawkEye G 3.0 operates as an evidence-based threat removal platform that combats attacks at machine speed. This also enables the security operations teams to more effectively leverage existing security investments as HawkEye G removes the alerts and alarms generated by the third party security products.
Gartner2 analyst Lawrence Pingree highlights the importance of “Bringing together system events, network activities and indicators of compromise mapped across a graphical kill-chain timeline and comprehensive analytics capabilities are essential to operationalize and simplify EDR [endpoint detection and response] for security operations personnel.”
HawkEye G 3.0 not only provides its own host-based and network-based detection capabilities, but also integrates with enterprises’ existing security infrastructure by consuming, fusing and verifying third-party alerts. The new ThreatSync™ Unified Threat Scoring Model measures threat alerts based on how successfully the adversary is meeting its objectives. If the threat is confirmed to be engaged in malicious activity, the threat score is raised and incident responders can execute automated countermeasures or receive an alert that will allow them to follow machine-guided actions to remove the threat. HawkEye G also integrates transparently into security systems, applications, and processes already in place at organizations, sending threat alerts and response actions to third-party reporting, dashboard and event management systems including Splunk, SIEMs and HawkEye AP.
“The staggering amount of false positives and ghost alerts generated by perimeter-based security devices has left security teams searching for a way to cut through the overwhelming noise,” said Chris Carlson, senior director of Product Management, Hexis Cyber Solutions. “With HawkEye G’s new ability to corroborate actual endpoint behavior captured on the platform’s host detection sensors with third-party data, our continuous monitoring capabilities will help capture, analyze, and remove malicious activity before compromise in the enterprise. This is truly a second generation product, and the customer responses from our initial installations have been extremely positive.”
HawkEye G 3.0 will be available April 30 through Hexis Cyber Solutions’ network of channel partners.
For a demonstration of HawkEye G 3.0, visit us at RSA 2015 in San Francisco, on Monday, April 20 through Thursday, April 23 at booth number S1007, located in the South Hall. Or for your own personalized demo, contact us online to schedule a briefing.
1 “Rules Of Engagement: A Call To Action To Automate Breach Response,” Forrester, December 2, 2014, John Kindervag, Stephanie Balaouras with Glenn O’Donnell, Heidi Shey, Claire O’Malley
2 “Competitive Landscape: Endpoint Detection and Response Tools, 2014,” Gartner, November 26, 2014, Lawrence Pingree
Forward-Looking Statements: Statements made in this press release that are not historical facts constitute forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. Such statements include, but are not limited to, statements containing the words “estimates,” “believes,” “anticipates,” “plans,” “expects,” ‘will,” “potential,” “opportunities,” and similar expressions. Our actual results, performance or achievements or industry results may differ materially from those expressed or implied in these forward-looking statements, including, but not limited to, express or implied statements concerning: our expectations regarding our future financial performance, including the potential impact of successful contract awards; our bid and proposal pipeline; our ability to achieve projected growth in certain of our business units and the expected timing of such growth; demand for our products, services and solutions serving the intelligence, cyber and counterterrorism communities; and performance of key contracts, including the timing of production related to certain of our contracts and product offerings. Factors that may cause our results to differ, potentially materially, from those expressed or implied in our forward-looking statements include, but are not limited to: risks to our business and financial results related to reductions and other spending constraints imposed on the U.S. Government, including as a result the Federal budget deficit and Federal government shut-downs; risks of adverse regulatory action or litigation; risks that changes, cutbacks or delays in spending by Intelligence Community (IC) customers, including the National Security Agency (NSA), the National Geospatial-Intelligence Agency (NGA), and other agencies within the IC, the Federal Bureau of Investigation, and the Department of Defense (DoD) may occur, which could cause delays or cancellations of key government contracts; risks of delays to or the cancellation of our projects as a result of protest actions submitted by our competitors; risks that changes may occur in Federal government (or other applicable) procurement laws, regulations, policies and budgets; risks related to changes in government and customer priorities and requirements (including cost-cutting initiatives, the potential deferral of awards, terminations or reduction of expenditures to respond to the priorities of Congress and the Administration; and those risk factors set forth in our Annual Report on Form 10-K, dated and filed March 16, 2018 with the Securities and Exchange Commission (SEC), and other filings that we make with the SEC from time to time. Due to such uncertainties and risks, investors are cautioned not to place undue reliance on such forward-looking statements. We are under no obligation to (and expressly disclaims any such obligation to) update or alter our forward-looking statements whether as a result of new information, future events or otherwise.
Director, Corporate Communications
Vice President, Investor Relations and Treasury