INTRUSION SavantTM is a network monitor that captures, logs, analyzes and retains 100% of the behavioral history of all network connections. As network throughput rates have increased by orders of magnitude and adversaries have innovated new ways of hiding their covert traffic, we delivered innovation with Savant to solve network traffic analysis at scale.
Savant is a multi-protocol network decoder and analyzer utilizing three original patents to uniquely capture, analyze and store bidirectional traffic at 20Gbps.
Savant code is at the core of the INTRUSION Shield Security-as-a-Service network appliance. The Savant code base along with real-time AI informs Shield contains more than one million lines of code and the Shield appliance further enhances Savant capabilities.
Shield leverages Savant technology to automate the active killing of dangerous connections based on AI technology. Whereas Savant remains positioned as a network reconnaissance and attack analysis tool for forensic analysts in the DoD and Federal Government and security aware corporations. Looking forward, Shield customers will have an option to bring all of the Savant real-time visibility, analysis, reporting, and forensic retention capabilities to their networks in addition to the enhanced network traffic protection offered by Shield. The principal uniqueness of Savant is the ability to decode all packets, all protocols, all fields in each protocol in real-time – and to perform graph analytics in real-time on all traffic.
Our patents enable us record every packet in real-time and efficiently retain multiple years of metadata history – allowing security experts to look backward in time to all events in order to trace back the origin of events on the network – as well as doing network discovery and real-time analysis.