Announcing Exclusive Savings for Aanval SAS! We're Welcoming 2013 with New Special Pricing » Pricing and Purchase |
Powerful.
New! Aanval SAS™
The industry's leading Snort, Suricata, and Syslog console, just got a whole lot better. Aanval SAS (Situational Awareness System) is the combination of our most advanced SIEM features with our newly released Network Host Scanner, Rogue Host Detection, and Offensive Reconnaissance modules.
We're not making this up. Government security and defense organizations from more than a half dozen countries, global financial and educational institutions, as well as space exploration and military weapons manufacturers rely upon Aanval as a part of their security infrastructure.
We urge you to create an account and request and schedule a demo, download Aanval, or contact our Sales and Support staff to answer your questions.
More Information » Aanval Details
|
|
|
Aanval has been designed to correlate event data and logs from hundreds of vendor products and solutions including those listed above.
Offensive Reconnaissance™
Aanval SAS takes advantage of Nmap, the industry's most well-known and accomplished port scanning utility to perform both automated and on-request network reconnaissance.
Network host availability, port, and service scanning as well as OS fingerprinting are now available directly within Aanval.
Rogue Host Detection
Automated Rogue Host Detection and alerting capabilities are now built-in to Aanval to help security analysts and network administrators stay on top of these pesky little devices.
Aanval keeps full logs of network hosts and reconnaissance results and uses this information within the its correlation engine to better represent valid events and limit false positives.
Aanval Details
|
|
Situational Awareness™
New to Aanval SAS is our unique Situational Awareness engine that provides an in-depth event and architecture analysis of the host network.
A list of network events is nearly useless; it's our job to build systems that allow analysts to make determinations quickly while being well-informed.
Situational Awareness within Aanval allows analysts to quickly identify which specific devices, services, and approximate areas of the network are most at risk and which are more likely to be a problem in the future.
Define devices, services, ports, and protocols supported within your environment and let Aanval build detailed summaries of your network's security posture and current risks.
Learn More
|
|
False Positive Protection
Aanval includes a powerful event validation engine that performs real-time analyses of events against customizable network, device, and service definitions.
False positives are the number one reason intrusion analysis systems fail to provide accurate and timely results. Even small numbers of false positives are costing organizations significant amounts of time, resources, and allocated budgets to manage.
Aanval's event validation engine automatically tags and filters events to help keep false positives from overpowering true risks, allowing analysts and engineers to focus and get back to protecting the network.
Learn More
|
|
Event Correlation
Aanval is a fully-integrated event management and attack data correlation engine. Aanval compares and correlates attacks in real-time and provides easy-on-the-eyes charts and visual representations of related attack data across Snort, Suricata, and syslog-sourced data.
Using every detail of a normalized event, Aanval compares events against one another as well as groups of events to identify complex attack patterns or determine if a single attack may or may not be related to larger attacks happening within the same timeframe.
Correlation is performed in both real-time and on-demand, allowing analysts to select an event and see which events may be related.
Ranking is simple to understand. Aanval provides a percentage value for each correlated event, letting the analyst know how confident Aanval is in its decision.
Learn More
|
|
GeoLocation
Aanval SAS includes a powerful new mapping framework that gives it the ability to do some pretty impressive geographic location plotting.
Visualize attack data based on source, destination, risk level, and quantity of events--and all of this plotted on a fully interactive map of the world.
View various GeoLocation-based displays including Aanval's real-time Live GeoLocation display, as well as newly updated Frequent Offenders and Frequent Attackers displays.
Know precisely where your network threats originate! Zoom, drag, and hover your mouse for details of both static and real-time GeoLocation details.
Learn More
|
|
Aanval SAS™ Appliances
We have brought the industry's leading Snort, Suricata, and Syslog intrusion detection and correlation console together with the world's most stable and advanced operating system and hardware combination.
Aanval SAS Appliances come pre-configured and drop-in ready for organizations of all sizes and technology requirements.
Turn-key, Scalable Solutions
Appliances are custom configured for target architectures and loaded with the latest releases of Aanval SAS, Snort and/or Suricata, Nessus, Metasploit, etc.
Scalable from small, single-appliance solutions to fully inter-operable, large-scale enterprise deployments.
Appliance Details
|
|
|
Every event, every sensor, every device. Not a problem.
Aanval is the only SIEM on the market with the ability to automatically scale to meet the needs of its environment. Supporting millions and billions of Snort, Suricata, and Syslog events is fully automated and continues as long as storage space is available.
Supporting Snort (the world's most widely used intrusion detection engine), Suricata (a powerful, multi-threaded, open source intrusion detection engine), as well as any device capable of outputting log information, Aanval imports, normalizes, and correlates event information for a powerful, fast, and scalable analysis.
+