HawkEye G


HawkEye G: Automated Threat Removal Platform

Advanced Persistent Threats (APTs) and commodity malware can easily bypass traditional anti-virus technologies and the most advanced perimeter defenses due to evasion, obfuscation and encrypted channels. Once implanted inside the network, external threat actors are able to move laterally almost unfettered and undetected to exfiltrate intellectual property, take control of sensitive processes, and sabotage critical business systems.

HawkEye G is an active defense technology that detects, verifies, remediates and removes cyber threats at machine speed within the network before they can compromise intellectual property or cause process disruption. HawkEye G brings speed, automation and accuracy to threat response and leverages Hexis Cyber Solutions' unique appreciation for malicious tradecraft.

The HawkEye G Advantage: Detect. Verify. Remove
  • Real-time detection of zero-day, unknown, and known malware threats using endpoint host and network event correlation
  • Policy-driven automation of malware response while removal actions interrupt the malware execution kill chain before compromise or data theft
  • Machine-guided actions support human on-the-loop workflow investigation, verification and manually initiated response where full automation is not desired
  • Dramatically reduces false positives generated by supported perimeter network devices due to malware confirmation on the host itself
  • Unified threat model (ThreatSync™) aggregates individual Indicator of Compromise (IOC) threat scores into an overall risk score for that device
  • Enterprise-ready automated threat removal actions provide a "Force Multiplier" to your Incident Response team

HawkEye AP

HawkEye AP: The Data Analytics Platform

With the increase in sophisticated attacks and the explosion of big data, large enterprises and government organizations are seeking solutions with advanced data analysis capabilities to address new found needs of collecting, storing, and analyzing Big Data.

HawkEye AP delivers an unparalleled solution with the industry's most unique approach to analytics and intelligence – a flexible event data collection process, a clustered, columnar-based event data warehouse and advanced dataflow modeling. A web-based GUI infrastructure for centralized configuration, monitoring and management simplifies installation and administration. The result? No other solution lets you collect, store and analyze mass quantities of event data as efficiently and easily as HawkEye AP. And that's critical to overcome today's security, compliance and risk mitigation challenges.

HawkEye AP at a Glance

Security Intelligence
  • Ability to perform sophisticated correlations and contextual investigations against large volumes of data over time
  • Web-based GUI for graphically designing advanced analytic dataflow models to zero-in on insider threats and other security risks
  • Open access allows users to query event data directly from the Business Intelligence tools they prefer using ODBC/JDBC interfaces
  • Web-based GUI for easier and more insightful out-of-the-box reporting and dashboards
  • Flexible querying via a SQL-driven query wizard
  • Rich reporting capabilities including ad hoc reporting and pre-defined report templates that meet specific regulatory compliance


Event Data Collection

  • Agent-less collection of any event with a time stamp
  • Open architecture that interfaces with a variety of related technologies, including endpoints and network systems, storage, mobile solutions, other SIEMs, call center applications, etc.

Event Data Warehouse

  • Ability to store all event data in its native form, rather than just the metadata or just aggregations, and without normalizing the data – maintaining the integrity of the data for audit, forensics, or other future use
  • Real-time ability to access petabytes of event data, without the need to extract from any archive – allowing for rapid response to investigations and queries
  • Massively Parallel Processing (MPP) enables linear scalability in handling large data volumes – highly compressed format reduces storage requirements

Simplified Data Collection

Over 14 years in development this patented technology was built from the ground up to handle semi-structured event data. Long before "Big Data" was a catch phrase this technology employed columnar storage, MPP shared-nothing architecture, and built-in compression

Powerful Analytics
  • Risk & compliance
  • Insider threat detection
  • Internal fraud detection
  • Security monitoring
  • Record retention
  • HR/Legal investigations
  • Anomaly detection
  • Forensics

Event Data WareHouse

Delivering disruptive technologies that meet the demanding market needs for cybersecurity solutions.

The HawkEye family of integrated products and services address customers' most demanding needs in security, compliance, data retention and other related applications. Using a highly scalable, high-performance big data platform, sophisticated analytics, deep forensic scanning, and a continuously updated library of threats and countermeasures, the solutions identify, validate and remove advanced threats automatically at machine speeds – before damage is done.


The NetBeat product line features solutions built to provide organizations with simplified network monitoring, analysis and control. NetBeat NAC delivers 360 degree network visibility in a set of easy-to-use applications that increase security, reduce risk and improve organizational productivity.


HexisCare provides assurance that the selection, deployment, and long term ownership of Hexis products will be supported so customers gain the most value out of their investments. This includes professional services, customer support, training and a Hexis Security Operations center that allows customers to leverage threat intelligence across the community of our users.

top down