One Security Team
With real-time collaboration at its core, Avalon facilitates collaboration across your security team, across your industry, and across all industries, force multiplying the effectiveness of your otherwise isolated security team.
Avalon is a web application that runs in your browser. Any recent major browser will work. There's no need to install any client software. It is a "Software as a Service" platform, meaning there's no server software to install, either.Try Avalon
Avalon provides a robust API to automate interacting with the platform. Many actions, including graphing, can be done outside the web application with simple HTTP REST requests. Avalon also provides REST endpoints to allow combinations of tasks. For more information on interoperating with the Avalon API, please contact support.Try Avalon
Aside from manual entry, workspaces can be populated by importing documents that contain indicators. Avalon supports three formats for importing data:
For PDF files, Avalon will search the document for words that look like IoCs and automatically add them to the workspace. For CSVs, Avalon will take the first column of the CSV as an IoC, and later columns as attributes to add to that IoC. With JSON, users can specify both the IoCs to be uploaded and the relationships between them to automatically import connections between IoCs.
Making intelligence operational is critical. Avalon supports the following export formats:
JSON with relationship data
Bro IDS Intel
Exports can cover an individual workspace, or multiple workspaces. Users can also share sets of workspaces within Interest Groups and export these sets of workspaces as a group, effectively creating a threat feed from the collaboration that occurs within an Interest Group.