RapidFire Tools has added breach detection capabilities to its Cyber Hawk internal security scanning and reporting solution.
The new feature, which is based on technology licensed from an unspecified third-party security vendor, searches for advanced persistent threats, keyloggers, malicious registry changes, and other intrusions in monitored end points. Hackers use such “footholds,” which anti-virus products often fail to detect, as a launching pad for attacks days, weeks, or even months after implanting them, according to Mark Winter, RapidFire Tools’ vice president of sales.
“These are the ways that hackers gain an entrance, and over time migrate laterally through the network,” said Winter in a conversation with ChannelPro at the ConnectWise IT Nation Connect partner conference in Orlando last week.
Breach detection is available now in Cyber Hawk as a free add-on that users can enable with a single mouse click. “They can turn on that policy and have their customers get that benefit immediately,” Winter says.
An advanced edition of the new feature, which costs $50 annually for an entire customer site, is now available as well. That version scans for new breaches daily and more deeply than the free edition, which performs weekly searches.
Both versions automatically send email notifications and open service tickets in a user’s PSA solution when they find an infection. Cyber Hawk integrates with PSA offerings from ConnectWise, Datto Inc.’s Autotask unit, and Tigerpaw.
Though Cyber Hawk’s new functionality offers all the breach-spotting power many smaller businesses need, according to Winter, it’s best thought of as a complement to other security solutions. “All security is layered,” he observes.
Cyber Hawk is designed to warn MSPs of anomalous activity, suspicious network changes, and threats caused by vulnerabilities and misconfigurations. Introduced in May of 2016 as Detector SDS, the system acquired its new name in July.
The addition of breach detection capabilities to Cyber Hawk, Winter continues, is the latest but not last move by RapidFire Tools into a new and adjacent market. The company added a lightweight documentation module to its Network Detective assessment solution in August and tacked on dark web scanning in partnership with Bowie, Md.-based ID Agent the following month.
RapidFire Tools has been a unit of IT management software maker Kaseya Ltd. since September. Though Kaseya has embedded compliance monitoring functionality from RapidFire Tools’ Audit Guru product within its VSA remote monitoring and management platform, it continues to operate the company as a stand-alone business with its own management, strategy, and product roadmap.