The net is buzzing with fierce and fiery comments about Apple and their recently released Final Cut Pro X.

However, for me it doesn’t really matter. I’ve played with previous releases of FCP and although there is no doubt that Apple released FCPX very and admittedly early, for the non-pro user (like myself), it is simply an amazing application.

I grabbed a copy of it along with Compressor and Motion to work on a few promotional / marketing videos for Aanval (http://www.aanval.com). The change in technology-realms helps to clear my mind and removes me from my daily grind of information security, development and book writing.

Surprisingly, I found I really enjoyed working with FCPX and have since grabbed a Blue Yeti, M-Audio FastTrack Pro and a couple of KRK Rokit studio monitor speakers to create my own tiny audio / video editing studio. I can now definitely understand the magnetic addiction that so many people have to audio / video editing. So much fun.

Ultimately after investing a little bit into my new hobby, I wanted to first throw together a short video preview of Aanval to cut my teeth and put some of my newly learned skills to test.

I did this in the form of a 1 minute, Aanval Preview (Rough Edit — I call it this, because it still needs quite a bit of work). It can be found at http://www.aanval.com/preview/ or on Youtube at http://www.youtube.com/watch?v=lY1uhlqR1BI.

Have a look and enjoy.

~moses

As we’ve been commenting on over the past several months, Aanval v6 is a major interation and one we are sure greatly improves information security efficiency and security event management.

Although now would seem an appropriate time to catch up on sleep, we have a lengthy list of enhancements and features planned for v6 and will continue to aggressively roll out new builds following our release early, release often methodology.

The interface for Aanval v6 was completely re-written in Flex 4, scrapping the entire previous Flex 3 interface. The backend remains MySQL / PHP, however dozens of updates and optimizations were made to improve performance and stability.

Aanval is quite a large project, comprised of several hundred thousand lines of code. A major portion of time for this release was spent working on the interface (Flex 4). If you follow me on Twitter, you’d have witnessed a bit of my frustrations with the latest releases of Flash Builder (the unstable, Eclipse based pile of junk). But I’ll save all of that joy and excitement for another post.

A couple of more notable features of Aanval v6, besides the new multi-tasking interface are the GeoLocation displays and the re-introduced event correlation system.

• GeoLocation with integrated Google Maps is now available in both real-time and search displays to provide a global, visual reference of event attack sources.
• The event correlation system has been re-introduced with an updated interface to group and rank events that may be related to one another.

For more information on Aanval v6, including upgrade details, new license purchasing, etc – see  aanval.com

A short list of a few of Aanval v6′s new features and enhancements:

• All new live GeoLocation (Google Maps)
• All new event displays
• All new event correlation
• All new event browser
• All new live even monitor
• All new frequent X displays
• All new report management
• All new action management
• All new signature management
• All new datastore management
• All new policy management
• All new snort management
• All new syslog filter management
• All new installation and update system
• All new multi-tasking interface
• All new inter-display interaction
• All new look and feel
• And much… much, more
• Dozens of bug fixes are included, too numerous to list

A selection of screenshots, a few of these may be early release or even beta.

Aanval Snort & Syslog Intrusion Detection and Correlation Console

Aanval is the industry’s leading web-based gui for snort and syslog intrusion detection and correlation. Government security and defense organizations from more than a half dozen countries, educational institutions from around the world, global financial organizations as well as space exploration and military weapons manufacturers rely upon Aanval as a part of their security infrastructure.

http://www.aanval.com/

Enjoy.

~moses

This update follows along with our feature timeline and extends the basic functionality of the iPhone / iPad App by adding several popular displays that retrieve additional live snort and syslog data from deployed Aanval consoles.

Included is a short list of a few of the changes and further down is a few screenshots of the new version.

Added Frequent Events Display
Added Frequent Offenders Display
Added Sensor Status Display
Added Basic Auth Support
Added Payload to Event Details Display
Added Refresh Button to Live Monitor Display
Added Refresh Timer to Live Monitor Display

Product information is available here:

http://www.aanval.com/iPhoneApp

Aanval iPhone App in iTunes here:

http://itunes.apple.com/us/app/aanval/id381007750?mt=8

Enjoy.

~moses

Reuters
http://www.reuters.com/article/idUS95542+09-Aug-2010+PRN20100809

Forbes
http://www.forbes.com/feeds/prnewswire/2010/08/09/prnewswire201008090815PR_NEWS_USPR_____SF47279.html

TecTrends
http://www.tectrends.com/tectrends/news/urn:newsml:prnewswire.com:20100809:SF47279:1.html

TheStreet.com
http://www.thestreet.com/story/10830573/1/ids-vendor-tactical-flex-first-to-offer-iphone-app.html

Puget Sound Business Journal
http://seattle.bizjournals.com/seattle/prnewswire/press_releases/national/Washington/2010/08/09/SF47279

If you have questions or comments regarding Aanval, Tactical FLEX or anything related to the two — drop us an email or a call.

~moses

Snort is the worlds most popular signature based network intrusion detection and prevention engine available today.

Snort is an open source project managed by Sourcefire, Inc.

Details and the official Snort website are available at: http://www.snort.org/

Those who are not yet fully familiar with Snort may not know that in order to really take advantage of the engine, an interface or console is necessary for the viewing, reporting and / or managing of sensors and intrusion data.

Interfaces are a plenty and range from web-based solutions which are free, to dedicated desktop applications which can quite easily exceed $50,000 or more.

The popularity of Snort among small businesses has grown quite significantly over the past few years, however because of limited budgets and other fiscal restraints these markets are rather largely ignored by a good portion of Snort related product vendors.

Aanval

Aanval is a comprehensive intrusion detection and correlation console designed specifically for Snort and Syslog. Aanval 5 is the latest iteration of Aanval built upon 5 years of strong success along with a new and advanced graphical user interface.

When creating Aanval (http://www.aanval.com/) more than 5 years ago, we envisioned a console that allowed for storage and searching of huge data sets, advanced reporting and real time alerting — all designed specifically for the small to medium sized business budget.

Aanval 5 is the most powerful and feature rich version of Aanval to date and exceeds all of our original visions.

Cost

Today’s global fiscal situation makes cost effective Snort solutions even more relevant than ever before. Security budgets are tightening, alternative solutions are being sought after and all the while some of these organizations refuse to offer concessions or cost reductions to aid these small and medium sized organizations in finding solutions to protect their environments.

These freely available tools (those relating to Snort) in my biased opinion don’t offer the features, functionality or professional resources to be used effectively in a business environment. As inviting as this statement is for an argument, it’s the reason I believe organizations of all sizes continue to make Aanval a permanent part of their network security architecture.

Each week I find myself listening to foreign and domestic businesses frustrated with over-priced competing solutions that in their words are almost ridiculously out of touch with budget reality.

One particular challenge that we’ve had over the years is helping our potential customers understand that a price tag is just that, a price tag. Perceived value in the market place is critical, but puffed-up costs shouldn’t be aimed like a loaded cannon at investigating organizations as the “incentive” to purchase.

Details

Aanval’s licensing costs are extremely competitive, easy to understand and bring some balance back to the industry.

License purchase and pricing: https://www.aanval.com/purchase/

More information on Aanval 5

~moses

The snort signature management system is next on our list of items to receive a refresh.

Visit http://www.aanval.com/aanval5/ for more information on Aanval 5 and it’s list of features.

It has been nearly 1 year since Aanval 4 was migrated from a standard HTML / AJAX control panel, to a full Adobe Flex RIA front-end.

Drop by http://www.aanval.com/ and take a look at some of the latest screenshots that we’ve posted online for public viewing and commenting.

Aanval 5 is due to be released very shortly.

Aanval is an exceptional (if we do say so ourselves) snort and syslog intrusion detection and correlation console, with management, text searching, reporting and just all around general coolness.

Thanks,