Aanval includes a powerful false positive prevention engine that performs real-time analysis of events against customizable network, device, and service definitions.
False positives are the number one reason intrusion analysis systems fail to provide accurate and timely results. Even small numbers of false positives cost organizations significant amounts of time, resources, and allocated budget to manage.
Aanval 9's event validation engine automatically tags and filters events to help keep false positives from overpowering true risks, allowing analysts and engineers to focus and get back to protecting the network.
Aanval reduces false positives by using information gathered from the network scanning module to compare event details against detected system and network characteristics. Events that have a high likelihood of being falsely triggered are labeled clearly in all event displays.
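The comparison described above can be sketched as follows. This is an added example, not Aanval code: the field names, tag names, inventory, and events are all constructed assumptions, and it shows only the general idea of checking an event's target against scanned host characteristics and tagging, rather than dropping, the mismatches.

```python
# Added illustration, not Aanval's implementation. All names and data are constructed.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Asset:
    os: str          # OS family reported by the scan
    services: dict   # open port -> detected service name

@dataclass(frozen=True)
class Event:
    signature: str
    dst_ip: str
    dst_port: int
    target_os: Optional[str] = None       # OS the signature applies to, if any
    target_service: Optional[str] = None  # service the signature applies to, if any

def validate(event, inventory):
    """Return (tag, reason) by comparing the event with scan results."""
    asset = inventory.get(event.dst_ip)
    if asset is None:
        # No scan data is not evidence of a false positive: keep it visible.
        return ("unverified", "no scan data for destination")
    service = asset.services.get(event.dst_port)
    if service is None:
        return ("likely-false-positive", "destination port not open in scan")
    if event.target_service and service != event.target_service:
        return ("likely-false-positive", f"port runs {service}")
    if event.target_os and asset.os != event.target_os:
        return ("likely-false-positive", f"host runs {asset.os}")
    return ("relevant", "target matches scanned characteristics")

# Constructed scan inventory (RFC 5737 documentation addresses).
INVENTORY = {
    "192.0.2.10": Asset("linux", {22: "ssh", 80: "http"}),
    "192.0.2.20": Asset("windows", {445: "smb", 3389: "rdp"}),
}
# Constructed events as an IDS might report them.
EVENTS = [
    Event("Windows-only web server rule", "192.0.2.10", 80, "windows", "http"),
    Event("SMB rule", "192.0.2.10", 445, None, "smb"),
    Event("SMB rule", "192.0.2.20", 445, "windows", "smb"),
    Event("SSH login failures", "192.0.2.99", 22, None, "ssh"),
]

def tag_all(events, inventory):
    return [validate(e, inventory)[0] for e in events]

if __name__ == "__main__":
    for e in EVENTS:
        print(e.dst_ip, e.dst_port, e.signature, "->", *validate(e, INVENTORY))
```

Because scan data goes stale, the sketch only labels events and leaves hosts without scan data as unverified instead of treating them as false positives.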