How to Buy

SecurITree can be purchased directly from Amenaza Technologies Limited. Please contact sales@amenaza.com or 1-888-949-9797 toll free (+01 403 263 7737 international). At the customer's request, purchases via major software resellers are also possible.

Value added resellers

Amenaza Technologies has teamed with companies with specialized expertise knowledge in specific fields (e.g., nuclear power security, operational technology, anti-tamper analysis). In addition to their subject matter knowledge, these organizations have been trained in the use of SecurITree. Amenaza Technologies would be pleased to put you in contact with a value added reseller (VAR) who can assist you with your specific requirements.

Licensing options and pricing

There are a variety of options for licensing SecurITree ranging from three month Full Function consulting term licenses ($3,750 USD) to large, Enterprise class licenses ($84,000 USD). A single-seat SecurITree license costs $10,500 (plus $4,500 USD if the Information Technology Library is required). Versions with limited functionality appropriate to specific tasks are also available. SecurITree Creator is appropriate for building attack trees whereas SecurITree Analyzer allows analysts to analyze trees that have been built elsewhere. A Viewer is also available.

Educational licenses are available for qualified institutions at discounted prices. Requests by graduate students engaged in thesis research are considered on a case-by-case basis.

Please contact Amenaza Technologies Limited ( 1-888-949-9797 toll free, +01 403 263 7737, info@amenaza.com) for help selecting the license most appropriate for your requirements and for detailed pricing information.

IT Library

For attack tree models of systems that include commercial and off-the-shelf information technology components, Amenaza recommends the purchase of the Information Technology Library. The IT Library is used in conjunction with Enterprise, Departmental, Full Function and Creator licenses. Different licenses exist that correspond to the Enterprise, Departmental, Full Function and Creator versions of SecurITree.

The IT Library is a collection of pre-built attack trees representing ways of attacking popular information technologies (e.g., Windows, Linux, Oracle, Apache, 802.11). An analyst can save great amounts of time and build upon Amenaza's expertise by including these components in their own models. The structure of a technology tree emphasizes defects in the technology's architecture. The collection is updated periodically. It should be understood that the attack trees in the IT Library will usually require some tuning and modification for use in specific situations (due to the different ways in which different sites deploy these technologies).

Deployment strategies

SecurITree is a desktop application that runs on Windows, MacOS and Linux workstations. SecurITree does not require Internet connectivity and is suitable for use in secure environments.

Single user licenses are node-locked (associated with a given PC). Multi-user licenses may be deployed as node-locked or floating (controlled by a network license manager).

Node-locked licenses are often used with laptops or other systems that may not have network connectivity. A node-locked license is always available on the PC where it is installed.

Floating licenses are concurrent usage and are managed by a network license manager at the customer's site. The license manager communicates with the SecurITree equipped PCs via the corporate network and assigns licenses from a pool.

Support subscriptions

Included with most license purchases is a support subscription (one year for non-expiring licenses). The support subscription entitles the licensee to all product updates released in the support period and access to telephone / e-mail support. At the expiry of the support subscription included with the initial purchase of non-expiring licenses, customers are invited to extend their support subscriptions for additional years at a cost of 20% of the current license purchase price.

Payment

Amenaza Technologies accepts payment via purchase order/check, credit card (Mastercard/Visa) and wire transfer.

Purchase agent information

See Amenaza's listing with the System for Award Management (SAM) (click "Search Records", then search using "Amenaza" or Unique Entity ID G76AMPSCC4S4)

NCAGE # L0839
JCP # 0034427
DUNS # 200591043

 

 

Versions:

Numerous different options exist for licensing SecurITree. For complete licensing and pricing information, please contact Amenaza Technologies Limited directly (1-888-949-9797 toll free, +01 403 263 7737 International). A partial listing of the licensing options, including part numbers, is shown below. Node-locked licenses are installed on, and associated with a particular PC workstation. Node-locked licenses are often used with laptops or other systems that may not have network connectivity. Floating licenses are concurrent usage and are managed by a network license manager at the customer's site. The license manager communicates with the SecurITree equipped PCs via the corporate network and assigns licenses from a pool.

For customers not requiring the full functionality of SecurITree, specialized versions exist with subsets of functionality

For attack tree models of systems that include commercial and off-the-shelf information technology components, Amenaza recommends the Information Technology Library. The IT Library is used in conjunction with Enterprise, Departmental, Full Function and Creator licenses. Several different licenses (with different part numbers) exist that correspond to the Enterprise, Departmental, Full Function and Creator versions.

All of the above products include one year of technical support and no charge updates. Yearly support agreements are available and recommended after the initial support period expires. Educational licenses are available for qualified educational institutions. A variety of time limited, expiring licenses are available. For instance

Go to Sensitive Environments >

SecurITree - threat modeling without limits