Sold by: Scanner.devÂ
Deployed on AWS
Scanner makes data lakes fast and easy to use, accelerating detection and response. Scanner accomplishes this with schemaless log search, all in the user's S3 buckets, using a novel data indexing engine designed from the ground up for cloud scale.
Overview
Here's the hard truth: traditional SIEM and logging tools are breaking down under today's massive log volumes, with costs that quickly escalate. That's why more and more teams are moving their logs to data lakes - it's just more cost-efficient. But there's a catch: current data lake tools all use SQL with strict schemas, which can require heavy data engineering work to maintain.
That's where Scanner.dev comes in - we make data lakes easy.
Reduce logging costs by up to 80 - 90% compared to traditional SIEM and logging tools.
Just load raw log data into your S3 buckets, and Scanner's schemaless search indexing will take care of the rest. Free text search makes querying simple, and queries run at lightning speed - up to 10TB/sec.
Find indicators of compromise instantly, whether you're looking at the last 14 days of logs - or the last 14 months.
For detection and response, you can start with Scanner's 200+ built-in detection rules, or you can write your own and sync them from GitHub with CI/CD.
Send alerts to Slack, to SOAR tools like Torq and Tines, or to custom webhooks.
For custom pricing, EULA, or a private offer, please contact sales@scanner.dev .
Highlights
- By leveraging S3 storage and serverless compute, our customers can see an 80-90% reduction in their logging costs while gaining visibility into more log sources for as long as they need (usually 12+ months). Scanner indexes raw log files directly in users S3 buckets, reducing the need for many kinds of time-consuming data engineering projects and giving our users full ownership of their data (ie. no vendor lock-in).
- Scanner provides powerful out-of-the-box threat detection rules for common log types and users can also easily set up their own custom detections. Users can perform detection chaining using Jupyter notebooks for advanced threat investigation. Users can also configure detection rules to send events to Slack, or to tools like Tines, Torq, and Jira via webhooks.
- When a user executes a query, we launch serverless Lambda functions to traverse the index files massively in parallel. These index files contain various data structures, including token posting lists and numerical ranges, that help us narrow down the search space to complete queries quickly. Searching for IP addresses in 100 TB of logs takes 10 sec; in 1 PB of logs, 100 sec. This is up to 100x faster than other tools that scan semi-structured logs in S3, like Amazon Athena or CloudWatch.
Details
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata. Review certifications and security standards before purchase.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
50 GB Per Day | Multi-tenant Instance, 100 detection rules, 8x5 support | $4,813.00 |
100 GB Per Day | Multi-tenant Instance, 100 detection rules, 8x5 support | $9,375.00 |
250 GB Per Day | Multi-tenant Instance, 100 detection rules, 8x5 support | $23,063.00 |
500 GB Per Day | Single-tenant Instance, 500 detection rules, 24x7 support | $60,025.00 |
1 TB Per Day | Single-tenant Instance, 500 detection rules, 24x7 support | $107,840.00 |
5 TB Per Day | Single-tenant Instance, 500 detection rules, 24x7 support | $388,160.00 |
10 TB Per Day | Single-tenant Instance, 500 detection rules, 24x7 support | $761,920.00 |
Dimension | Cost/unit |
|---|---|
Additional usage as defined by contract. | $0.01 |
Vendor refund policy
In the event of a termination by Customer pursuant, Scanner will refund to Customer a pro rata share of any unused amounts prepaid by Customer under the applicable Quote for the Services on the basis of the remaining portion of the current subscription term (a Pro Rated Refund). Scanner will issue the Pro Rated Refund directly to Customer. In the event Scanner terminates this Agreement, Customer shall be required to pay through the remainder of the term indicated in the Quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Each Scanner customer receives support via a private Slack channel. Support is also available via email to the customer's account team or via support@scanner.dev .
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
25
In Log Analysis
Top
10
In Data Analysis
Top
25
In Security Observability, Data Security and Governance
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Log Indexing Engine
Novel data indexing engine designed for cloud-scale schemaless log search directly in S3 buckets
Parallel Search Processing
Serverless Lambda functions launched to traverse index files in parallel, enabling rapid log querying up to 10TB/sec
Threat Detection Capabilities
Supports 200+ built-in detection rules with ability to create custom detection rules and sync from GitHub via CI/CD
Advanced Search Optimization
Utilizes complex index data structures including token posting lists and numerical ranges to efficiently narrow search space
Log Source Compatibility
Supports raw log data indexing across multiple log types with flexible schemaless search architecture
Log Analysis
Real-time security log processing and analysis of terabytes of raw logs per day using cloud-native architecture
Detection Methodology
Detection-as-code implementation using Python programming language for threat detection rules
Cloud Log Integration
Native integrations with AWS log sources including S3, CloudTrail, and VPC Flow Logs
Security Data Lake
Transforms raw log data into structured security data lake for comprehensive threat investigation and incident response
Scalable Architecture
Highly scalable data lake infrastructure designed for processing and querying large volumes of security logs efficiently
Endpoint Security
Advanced detection capabilities with both agent-based and agentless scanning across traditional infrastructure, serverless environments, and containers
Threat Intelligence Correlation
Cross-domain intelligence and telemetry integration for unified investigations, detection, and response through a single console
Identity and Access Management
Intelligent credential security with multi-factor authentication enforcement, identity provider integration, and privileged account management
Vulnerability Management
Predictive CVE detection and prioritization mechanism for effective vulnerability patching and remediation
Compliance Monitoring
Comprehensive compliance reporting and scoring against multiple frameworks including PCI, SOC2, NIST, and HIPAA with resource compliance tracking
Standard contract
No
No
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.