Overview
AUXO Curator is a Zero Trust-aligned, intelligence-driven log processing solution that redefines how organizations gain visibility into security events. Unlike traditional SIEM systems, AUXO Curator accepts every log type and inspects logs in real time, but avoids local long-term storage in the product, offering a more agile and scalable approach to telemetry.
Logs are compressed and optionally stored in external object storage, such as Azure Blob, leaving data ownership and retention policies fully in the hands of the customer. AUXO Curator continuously ingests and analyzes logs from various services, including network, cloud, and endpoint sources.
Built into the AUXO platform, Curator leverages:
- Live threat intelligence feeds to maintain up-to-date detection capabilities
- Custom telemetry feeds, such as canary accounts and deception setups
- AI-based detection for precision alerting
- Clear, actionable cases for rapid response, reducing alert fatigue
Highlights
- Real-time log inspection with threat intel
- AI-powered triage and case handling
- Long-term, customer-owned log storage
Pricing
Vendor refund policy
n.a.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Stable release of AUXO. It will be updated automatically if a newer version is available after first boot.
Additional details
Usage instructions
Prerequisites
Before deploying the AUXO™ Curator E2 instance, ensure the following:
- An AWS account with permissions to deploy EC2 instances
- An Amazon S3 bucket where processed logs will be stored
- Access to the AUXO™ platform (AUXO™ is part of MDR Detect)
Deployment and Configuration
- Log in to the AUXO™ platform and navigate to Curator Nodes.
- Create a new Curator node.
  - Upon creation, a unique, single-use authentication token is generated.
  - This token is required to link the Curator E2 instance to the customer's AUXO™ platform account.
  - If redeployment is required, a new token can be generated from the Curator node details page.
- Deploy the Curator E2 instance.
  - During deployment, add an EC2 instance tag:
    - Key: auth_code
    - Value: the authentication token provided by the AUXO™ platform
- Once the Curator E2 instance successfully registers and appears in the AUXO™ platform, the auth_code tag can be removed.
The Curator E2 instance is stateless. If the instance is terminated or fails, a new instance can be launched using a newly generated token without any data loss.
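The tag-based registration steps above, written as AWS CLI calls. This is an added example, not ON2IT's or AWS's own tooling: the function names are hypothetical, and the AMI ID, instance type and token are placeholders supplied by the caller. It also lists instances that still carry the auth_code tag, because instance tags are readable by any principal allowed to call ec2:DescribeTags.

```sh
#!/bin/sh
# Added example (hypothetical helper names). Requires the AWS CLI and
# credentials allowed to call RunInstances, DescribeTags and DeleteTags.
# Assumes the token contains no commas, brackets or braces, which would
# need escaping in the CLI shorthand syntax used below.

# launch_curator AMI_ID INSTANCE_TYPE TOKEN
# Launches the instance with the single-use token in the auth_code tag
# and prints the new instance ID.
launch_curator() {
  aws ec2 run-instances \
    --image-id "$1" \
    --instance-type "$2" \
    --tag-specifications \
      "ResourceType=instance,Tags=[{Key=auth_code,Value=$3}]" \
    --query 'Instances[0].InstanceId' --output text
}

# instances_with_auth_code
# Audit check: prints, one per line, every instance ID in the current
# region that still carries an auth_code tag.
instances_with_auth_code() {
  aws ec2 describe-tags \
    --filters 'Name=resource-type,Values=instance' \
              'Name=key,Values=auth_code' \
    --query 'Tags[].ResourceId' --output text | tr '\t' '\n'
}

# remove_auth_code_tag INSTANCE_ID
# Run only after the node appears as registered in the AUXO platform.
# Prints "removed" if the tag was present, "absent" otherwise.
remove_auth_code_tag() {
  if instances_with_auth_code | grep -qxF -- "$1"; then
    aws ec2 delete-tags --resources "$1" --tags Key=auth_code
    echo removed
  else
    echo absent
  fi
}
```

Source the file, call launch_curator with the AMI ID from the Marketplace subscription, and run instances_with_auth_code periodically to catch tags left behind after registration.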
Login and SSH Access
SSH access is disabled by default on this instance for security purposes. Authentication between the instance and the AUXO™ platform is handled via a secure, one-time-use activation token provided as an instance tag (see configuration instructions above).
If SSH access is required for troubleshooting or maintenance, contact ON2IT support to enable it. Only key-based authentication is supported; password-based SSH login is not available. ON2IT support can generate and provision the required SSH key pair upon request.
Data Processing and Storage
Log data
- Logs are ingested, inspected, and processed in real time.
- No raw log data is stored on the Curator E2 instance.
- Processed and compressed logs are written to a customer-managed Amazon S3 bucket within the customer's AWS account.
- Data ownership and retention policies remain entirely under customer control.
Security events
- Only security-relevant events derived from log analysis are forwarded to the AUXO™ platform for detection, correlation, and case creation.
- The region used for the AUXO™ platform is selected by the customer during onboarding.
Security and Encryption
- Data sent from the Curator E2 instance to the AUXO™ platform is encrypted in transit.
- Security events stored within the AUXO™ platform are encrypted at rest.
- Data sent from the Curator E2 instance to the customer's Amazon S3 bucket is encrypted in transit.
- Encryption of inbound data sent to the Curator E2 instance depends on the selected ingestion protocol and customer configuration.
Monitoring and Health Management
The health and status of the Curator E2 instance are continuously monitored within the AUXO™ platform.
- If any operational issues are detected, an alert is generated in the AUXO™ platform and the customer is notified via email.
- Customers can manually verify Curator health by checking the Curator node status in the AUXO™ platform.
- The EC2 instance status can also be reviewed directly in the AWS Management Console - instance serial console, where clear informational messages are provided if the instance fails to start or encounters issues.
Because the Curator E2 instance is stateless, recovery is achieved by simply launching a replacement instance, ensuring continuity without data loss.
Support
Vendor support
ON2IT BV, Hogeweg 35, 5301 LJ Zaltbommel, Netherlands
ON2IT Inc., 5717 Legacy Drive, Suite 250, Plano, TX 75024, USA
Email: servicedesk@on2it.net
For EMEA / Europe: +31 (0) 88 22-66 201
For North America: +1 (214) 206-8446
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.