Try Avalon Today

Avalon Cyber Analysis Platform

Integrate Diverse Data Sources

Avalon enables you to quickly and easily visualize investigations by bringing together data from disparate security tools into a single, unified workspace.

Integrations with 25+ leading threat intel providers & platforms

On-demand access to threat intel resources


Interact & Collaborate Across Teams

Avalon enables security teams to work together in real-time on investigations and to produce and deliver finished intelligence.

Easily share findings and research – no more endless email threads, etc.

Break down silos across teams

Enable junior analysts to up-level skills by working with more senior analysts

Easily Visualize & Enrich Threat Data

Avalon helps you quickly cut through the noise by visualizing and enriching threat intelligence to see and understand data relationships.

Easily create robust link analysis for any investigation

Quickly identify links between attributes


Quickly Deliver Finished Intelligence

Avalon provides an efficient way to create and deliver comprehensive modern security intelligence.

Quickly create, review and deliver reporting required at all levels of your organization

Reduce time spent by analysts on manual, time-consuming administrative tasks

Live links provide easy access to all investigation analysis and data

Preserve Investigations for Future Use

Create a centralized knowledge repository of all investigations that can be shared and accessed across teams.

Easily reuse relevant data or results from a previous investigations to inform new ones

No more duplicating efforts as members can see and access research done previously

Related Resources

email-parachute (1)

Learn more about Avalon's new UI and features in this blog by Peter Prizio, VP of Product!


Listen to Chief Strategy Officer Doug Helton on the Hacker Valley Studio podcast sharing his experiences in Cyber Threat Intelligence and how to acquire the skills required to be highly effective.

Screen Shot 2020-04-13 at 4.40.11 PM

King & Union Awarded U.S. GSA IT Schedule 70 Contract and is now part of the Highly Adaptive Cybersecurity Services (HACS) program.


Avalon is a web application that runs in any major browser –  no need to install any client or server software.

API Framework

Avalon provides a robust API to automate interacting with the platform.

Many actions, including graphing, can be done outside the website application with simple HTTP REST requests. Avalon also provides REST endpoints to allow combinations of tasks.


Workspaces can be populated by importing documents that contain indicators. Avalon supports:

For PDF files, Avalon will search the document for words that look like IoCs and automatically add them to the workspace. For CSVs, Avalon will take the first column of the CSV as an IoC, and later columns as attributes to add to that IoC. With JSON, users can specify both the ICs to be uploaded and the relations between them to automatically import connections between IoCs.


Making intelligence operational is critical. Avalon supports the following export formats.

Exports can cover an individual workspace or multiple workspaces. Users can also share sets of workspaces within interest groups and exports these sets of workspaces as a group, effectively creating a threat feed from the collaboration that occurs within an interest group.