Overview
Scanner's search indexes are stored in the cloud, not in memory and on disk as in legacy SIEMs that rely on a system architecture from the on-premise era. Our proprietary, cloud-native log search is designed for petabyte scale and leverages serverless compute and monoid data structures.
Scanner is schema-less and indexes raw log files directly in your AWS account, providing you 100% data ownership and no vendor lock-in.
Teams can use our native UI for lightning-fast search, dashboards, and powerful threat detections, or our API to build or integrate with their existing tools like Grafana, Tines, Jupyter, Jira, Slack, custom webhooks, etc.
For teams using Splunk, try our Scanner for Splunk deployment. Teams can index logs in S3 to reduce costs 90%, then query them directly in Splunk via a custom search command that can be used within Splunk for ad-hoc querying, dashboards, correlation searches for Splunk Enterprise Security, and more.
For custom pricing, EULA, or a private contract, please contact sales@scanner.dev for a private offer.
Highlights
- By leveraging S3 storage and serverless compute, our customers often see an 80-90% reduction in their logging costs while gaining visibility into more log sources for as long as they need (usually 12+ months). Scanner indexes raw log files directly in users' S3 buckets, reducing the need for many kinds of time-consuming data engineering projects by 85% and giving our users 100% data ownership (i.e., no vendor lock-in).
- Scanner provides powerful out-of-the-box threat detection rules for common log types and users can also easily set up their own custom detections. Users can perform detection chaining using Jupyter notebooks for advanced threat investigation. Users can also configure detection rules to send events to Slack, or to tools like Tines, Torq, and Jira via webhooks.
- When a user executes a query, we launch serverless Lambda functions to traverse the index files massively in parallel. These index files contain various data structures, including token posting lists and numerical ranges, that help us narrow down the search space to complete queries quickly. Searching for IP addresses in 100 TB of logs takes 10 sec; in 1 PB of logs, 100 sec. This is up to 100x faster than other tools that scan semi-structured logs in S3, like Amazon Athena or CloudWatch.
Pricing
Dimension | Description | Cost/12 months |
---|---|---|
50 GB Per Day | Multi-tenant Instance, 1000 detection rules, 8x5 support | $8,600.00 |
100 GB Per Day | Multi-tenant Instance, 1000 detection rules, 8x5 support | $14,100.00 |
250 GB Per Day | Multi-tenant Instance, 1000 detection rules, 8x5 support | $30,500.00 |
500 GB Per Day | Single-tenant Instance, Unlimited detection rules, 24x7 support | $71,800.00 |
1 TB Per Day | Single-tenant Instance, Unlimited detection rules, 24x7 support | $109,200.00 |
5 TB Per Day | Single-tenant Instance, Unlimited detection rules, 24x7 support | $408,200.00 |
10 TB Per Day | Single-tenant Instance, Unlimited detection rules, 24x7 support | $782,000.00 |
The following dimensions are not included in the contract terms and will be charged based on your usage.
Dimension | Cost/unit |
---|---|
Additional usage as defined by contract. | $0.01 |
Vendor refund policy
In the event of a termination by Customer pursuant, Scanner will refund to Customer a pro rata share of any unused amounts prepaid by Customer under the applicable Quote for the Services on the basis of the remaining portion of the current subscription term (a Pro Rated Refund). Scanner will issue the Pro Rated Refund directly to Customer. In the event Scanner terminates this Agreement, Customer shall be required to pay through the remainder of the term indicated in the Quote.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Each Scanner customer receives support via a private Slack channel. Support is also available via email to the customer's account team or via support@scanner.dev.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.