Pricing - DNIF HyperCloud - Cloud Native SaaS

Starts at 2,500
Events Per Second (EPS)

2,500 EPS

	PROFESSIONAL $ 10,586/mo annual commit START A TRIAL	ENTERPRISE $ 14,367/mo annual commit TALK TO SALES
PRODUCT OVERVIEW
SIEM
UEBA
SOAR
HyperScale Datalake
ENTITLEMENTS
Data Retention	365 Days	365 Days
Data Tiering	Hot / Active	Hot / Active
Analytic Scheduling	Scheduled, Streaming	Scheduled, Streaming
Log Volume	Unlimited	Unlimited
Capacity Upgrades	Real-Time	Real-Time
SOC2 Reporting
Redundancy Across Availability Zones
Support	8x5 (P1 24x7)	8x5 (P1 24x7)
USE CASES
Active Threat Watch
Cloud Observability
Compliance Monitoring
User Behavior Analytics
Network Traffic Analyitcs
Application Observability
Entity Behavior Analytics
PLATFORM CAPABILITIES
Cloud Connector (Azure, AWS, GCP)
Native Extractors
Threat Intelligence Enrichment
GEO/DB Network Enrichment
Enrichment on Ingest
Schema on Read
Search / Hunting
Data Partitioning
ML Framework
No Code Outlier Detection
SUCCESS MANAGEMENT
Onboarding Program
Dedicated Success Manager
Analyitcs / ML Concierge Service	Optional
Maturity Reviews

There are many many advantages of a hyperscalar data platform, and one of those advantage is that it does not discriminate between hot and cold data. Everything is HOT and can be retrieved instantly. So by default you should be able to query 365 days of data without having to wait.

Extractors are open and you could easily build or modify an extractor using a simple YAML file (no coding required). Option 2 - if this is a publicly available product that you are wanting to extract, you could leave a request for creating a new extractor, this request will be reviewed by the team and added to the roadmap. Option 3 - You could also subscribe for additional professional services (PS) and get the extractor built on priority.

It may not be feasible to extract every field in the raw event, so there may be times when some fields may not have been marked for extraction. In these cases we have the option of augmenting the extractor to include the additional field. However with DNIF you have an additional ability to query a field that was previously not extracted and is available only in the raw event.

This capability is called Schema On Read (SOR) where you could execute a native query on the raw event and extract a field which was not originally extracted. With this method you can query back in time without altering the extractor.

It is always prudent to have additional capacity on the EPS front than what is required. This will help the engine surmount bumps in the event generation rate. The ingest engine will allow an ingest rate upto 100% of the subscribed EPS value and then allow a 5% overage (grace) on the subscribed EPS value. In case events are dropped, the counts will be logged and notified.

Yes - you can, DNIF offers a downloadable on-prem version as well which you could install in your environment and be in total control of your data. The downloadable uses Docker containers to deploy and it is fairly easy to install and initiate - although, not as easy as the cloud native SaaS platform 😉

Yes - you can use DNIF Community Edition (CE) commercially. Also, it is exactly the same product as you would get in the enterprise version but however without any restriction. The CE version is infact uncapped and can ingest any amount of data / EPS as long as the underlying compute permits the stretch.

The only aspect missing from the CE is the support, you get access to community support instead of dedicated support provided by us.

Attackers start from the bottom of the list

Let cost NOT be the barrier for your SaaS Platform

Need more choices, we have it covered

Frequently Asked Questions

Do we get HOT / COLD data retention?

How do I develop extractors? Do I have help?

I want to query a field that has not been extracted?

What happens when I use more than my subscribed EPS limit?

Can I have my own deployment, on premise?

What features are missing in the community edition? Can I use it for commercial use?