Welcome to the Aanval Wiki. Snort, Suricata and Syslog Intrusion Detection, Situational Awareness and Risk Management.

Visit http://www.aanval.com/ for more information.

Aanval:Event Validation

Aanval includes a powerful False Positive Event Validation engine that performs real-time analyses of events against customizable network, device, and service definitions.

False positives are the number one reason intrusion analysis systems fail to provide accurate and timely results. Even small numbers of false positives cost organizations significant amounts of time, resources, and allocated budget to manage.

Aanval v7's event validation engine automatically tags and filters events to help keep false positives from overpowering true risks, allowing analysts and engineers to focus and get back to protecting the network.

See Also

For more information about how Event Validation works, visit our FAQ page.