Try Avalon Today
Integrate Diverse Data Sources
Avalon enables you to quickly and easily visualize investigations by bringing together data from disparate security tools into a single, unified workspace.
Integrations with 25+ leading threat intel providers & platforms
On-demand access to threat intel resources
Interact & Collaborate Across Teams
Avalon enables security teams to work together in real-time on investigations and to produce and deliver finished intelligence.
Easily share findings and research – no more endless email threads, etc.
Break down silos across teams
Enable junior analysts to up-level skills by working with more senior analysts
Easily Visualize & Enrich Threat Data
Avalon helps you quickly cut through the noise by visualizing and enriching threat intelligence to see and understand data relationships.
Easily create robust link analysis for any investigation
Quickly identify links between attributes
Quickly Deliver Finished Intelligence
Avalon provides an efficient way to create and deliver comprehensive modern security intelligence.
Quickly create, review and deliver reporting required at all levels of your organization
Reduce time spent by analysts on manual, time-consuming administrative tasks
Live links provide easy access to all investigation analysis and data
Preserve Investigations for Future Use
Create a centralized knowledge repository of all investigations that can be shared and accessed across teams.
Easily reuse relevant data or results from a previous investigations to inform new ones
No more duplicating efforts as members can see and access research done previously
Related Resources
Listen to Chief Strategy Officer Doug Helton on the Hacker Valley Studio podcast sharing his experiences in Cyber Threat Intelligence and how to acquire the skills required to be highly effective.
King & Union Awarded U.S. GSA IT Schedule 70 Contract and is now part of the Highly Adaptive Cybersecurity Services (HACS) program.
Architecture
Avalon is a web application that runs in any major browser – no need to install any client or server software.
API Framework
Avalon provides a robust API to automate interacting with the platform.
Many actions, including graphing, can be done outside the website application with simple HTTP REST requests. Avalon also provides REST endpoints to allow combinations of tasks.
Imports
Workspaces can be populated by importing documents that contain indicators. Avalon supports:
For PDF files, Avalon will search the document for words that look like IoCs and automatically add them to the workspace. For CSVs, Avalon will take the first column of the CSV as an IoC, and later columns as attributes to add to that IoC. With JSON, users can specify both the ICs to be uploaded and the relations between them to automatically import connections between IoCs.
Exports
Making intelligence operational is critical. Avalon supports the following export formats.
Exports can cover an individual workspace or multiple workspaces. Users can also share sets of workspaces within interest groups and exports these sets of workspaces as a group, effectively creating a threat feed from the collaboration that occurs within an interest group.