WhiteHawk Solutions for the Public Sector

Cyber Risk Program – Basic is a 60-day subscription that is an Independent Cyber Audit based on external, non-invasive monitoring for 60-days to identify, prioritize, and validate cyber risks to an organization's revenue and reputation. It leverages cyber risk monitoring for one Entity (e.g., xyz.com) where analytics is performed to provide an executive overview. Included in this offering: 60-days of cyber risk monitoring; one-time Cyber Risk Scorecard and Cyber Risk Findings Report that details analysis and vulnerability findings; and a 1-hr debrief of results and recommendations.

Cyber Risk Program – Essential is an annual subscription that is an Independent Cyber Audit based on external, non-invasive continuous monitoring for 12-months to identify, prioritize, and validate cyber risks to an organization's revenue and reputation. It leverages cyber risk monitoring for one Entity (e.g., xyz.com) where analytics are performed to provide an executive overview. Included in this offering: continuous cyber risk monitoring; Quarterly Cyber Risk Scorecard and Cyber Risk Findings Report that details analysis and vulnerability findings; and 40-hours of SME services to support debrief of results, recommendations, and additional analysis as requested.

Cyber Risk Program – Balanced is an annual subscription that includes all that is offered in the Cyber Risk Program - Essential with the addition of a one-time DarkNet Cyber Threat Intelligence Analysis and Report for the same Entity (e.g., xyz.com). DarkNet Cyber Threat Intelligence Analysis monitors and assesses intelligence chatter in DarkNet to identify potential for cyber-attacks.

Cyber Risk Program – Premier is an annual subscription that includes all that is offered in the Cyber Risk Program - Essential with the addition of a semi-annual DarkNet Cyber Threat Intelligence Analysis and Report for the same Entity (e.g., xyz.com). DarkNet Cyber Threat Intelligence Analysis monitors and assesses intelligence chatter in DarkNet to identify potential for cyber-attacks.

Cyber Risk Program – Basic Add-on Entity adds monitoring, analysis, and reporting for one (1) additional Entity (e.g., abc.com) to the Cyber Risk Program – Basic offering. This offering can be used to accommodate enterprises with subsidiaries, business units, etc. and/or research and analysis of competitor organizations and those in the same or similar sector for comparative analysis.

Cyber Risk Program – Essential Add-on Entity adds monitoring, analysis, and reporting for one (1) additional Entity (e.g., abc.com) to the Cyber Risk Program – Essential offering. This offering can be used to accommodate enterprises with subsidiaries, business units, etc. and/or research and analysis of competitor organizations and those in the same or similar sector for comparative analysis.

Cyber Risk Program – Balanced Add-on Entity adds monitoring, analysis, and reporting for one (1) additional Entity (e.g., abc.com) to the Cyber Risk Program – Balanced offering. This offering can be used to accommodate enterprises with subsidiaries, business units, etc. and/or research and analysis of competitor organizations and those in the same or similar sector for comparative analysis.

Cyber Risk Program – Premier Add-on Entity adds monitoring, analysis, and reporting for one (1) additional Entity (e.g., abc.com) to the Cyber Risk Program – Premier offering. This offering can be used to accommodate enterprises with subsidiaries, business units, etc. and/or research and analysis of competitor organizations and those in the same or similar sector for comparative analysis.

Cyber Risk Program – Add-on One-time Software-based Pen Test is an automated, full-scale penetration testing service mapped to key risk and threat indicators with accuracy, speed, consistency and insusceptible to human error. Included in this offering: testing across a block of externally facing IP addresses up to 500; one-time testing and results report; and a 1-hr debrief of results and recommendations. This offering can be added to any of the Cyber Risk Program Offerings (Basic, Essential, Balanced, Premier).

Cyber Risk Radar – Basic is a 60-day subscription that provides businesses and organizations a topline cyber risk snapshot as an indicator of an organization’s effectiveness at addressing the impacts of online crime and fraud for a portfolio of 20 Entities (internet domains). Included in this offering: 60-days of cyber risk monitoring across 20 Entities; Cyber Risk Scorecard, updated daily, for each Entity that provides context and analytics that augment the risk indicators, enabling companies to take action to mitigate cyber risks to their revenue, reputation, and operations; a one-time Cyber Risk Portfolio Report that is based on analytics across the portfolio as a whole to provide insights to bolstering resilience; and a 1-hr debrief of results and recommendations.

Cyber Risk Radar – Essential is an annual subscription that provides businesses and organizations a topline cyber risk snapshot as an indicator of an organization’s effectiveness at addressing the impacts of online crime and fraud for a portfolio of 25 Entities (internet domains). Included in this offering: continuous cyber risk monitoring across 25 Entities for 12-months; Cyber Risk Scorecard, updated daily, for each Entity that provides context and analytics that augment the risk indicators, enabling companies to take action to mitigate cyber risks to their revenue, reputation, and operations; a one-time Cyber Risk Portfolio Report that is based on analytics across the portfolio as a whole to provide insights to bolstering resilience; and a 1-hr debrief of results and recommendations.

Cyber Risk Radar – Balanced is an annual subscription that provides businesses and organizations a topline cyber risk snapshot as an indicator of an organization’s effectiveness at addressing the impacts of online crime and fraud for a portfolio of 50 Entities (internet domains). Included in this offering: continuous cyber risk monitoring across 50 Entities for 12-months; Cyber Risk Scorecard, updated daily, for each Entity that provides context and analytics that augment the risk indicators, enabling companies to take action to mitigate cyber risks to their revenue, reputation, and operations; semi-annual Cyber Risk Portfolio Report that is based on analytics across the portfolio as a whole to provide insights to bolstering resilience; and semi-annual 1-hr debrief of results and recommendations.

Cyber Risk Radar – Premier is an annual subscription that provides businesses and organizations a topline cyber risk snapshot as an indicator of an organization’s effectiveness at addressing the impacts of online crime and fraud for a portfolio of 150 Entities (internet domains). Included in this offering: continuous cyber risk monitoring across 150 Entities for 12-months; Cyber Risk Scorecard, updated daily, for each Entity that provides context and analytics that augment the risk indicators, enabling companies to take action to mitigate cyber risks to their revenue, reputation, and operations; quarterly Cyber Risk Portfolio Report that is based on analytics across the portfolio as a whole to provide insights to bolstering resilience; and quarterly 1-hr debrief of results and recommendations

Cyber Risk Radar – Add-on 60-Day Cyber Risk Monitoring for 10 additional Entities (internet domains). This offering provides the ability to increase the portfolio size with 10 additional Entities for 60-Days, to include cyber risk monitoring and associated reporting, to any of the Cyber Risk Radar Offerings (Basic, Essential, Balanced, Premier). This Offering can be used in combination with other Cyber Risk Radar Add-on offerings.

Cyber Risk Radar – Add-on Continuous Cyber Risk Monitoring for 10 additional Entities (internet domains). This offering provides the ability to increase the portfolio size with 10 additional Entities for continuous cyber risk monitoring and associated reporting to any of the Cyber Risk Radar Offerings (Essential, Balanced, Premier) except for Cyber Risk Radar – Basic. This Offering can be used in combination with other Cyber Risk Radar Add-on offerings.

Cyber Risk Radar – Add-on One-time Business Risk Report for 10 Entities (internet domains). This offering adds the ability to include Business Risk Monitoring and Reporting across the Entity Portfolio. Business Risk Monitoring and one-time Report covers a company's Operations, Compliance, Financial, ESG, and Location Data observations that provide additional context to an organization’s risk posture. This offering can be used with to any of the Cyber Risk Radar Offerings (Basic, Essential, Balanced, Premier). This Offering can be used in combination with other Cyber Risk Radar Add-on offerings.

Cyber Risk Radar – Add-on Continuous Business Risk Monitoring and Report for 10 Entities (internet domains). This offering adds the ability to include continuous Business Risk Monitoring and Reporting across the Entity Portfolio. Continuous Business Risk Monitoring and on-demand Report covers a company's Operations, Compliance, Financial, ESG, and Location Data observations that provide additional context to an organization’s risk posture. This offering can be used with any of the Cyber Risk Radar Offerings (Essential, Balanced, Premier) except for Cyber Risk Radar – Basic. This Offering can be used in combination with other Cyber Risk Radar Add-on offerings.