How to Buy
SecurITree can be purchased directly from Amenaza Technologies Limited. Please contact sales@amenaza.com or 1-888-949-9797 toll free (+01 403 263 7737 international). At the customer's request, purchases via major software resellers are also possible.
Value added resellers
Amenaza Technologies has teamed with companies with specialized expertise knowledge in specific fields (e.g., nuclear power security, operational technology, anti-tamper analysis). In addition to their subject matter knowledge, these organizations have been trained in the use of SecurITree. Amenaza Technologies would be pleased to put you in contact with a value added reseller (VAR) who can assist you with your specific requirements.
Licensing options and pricing
There are a variety of options for licensing SecurITree ranging from three month Full Function consulting term licenses ($3,750 USD) to large, Enterprise class licenses ($84,000 USD). A single-seat SecurITree license costs $10,500 (plus $4,500 USD if the Information Technology Library is required). Versions with limited functionality appropriate to specific tasks are also available. SecurITree Creator is appropriate for building attack trees whereas SecurITree Analyzer allows analysts to analyze trees that have been built elsewhere. A Viewer is also available.
Educational licenses are available for qualified institutions at discounted prices. Requests by graduate students engaged in thesis research are considered on a case-by-case basis.
Please contact Amenaza Technologies Limited ( 1-888-949-9797 toll free, +01 403 263 7737, info@amenaza.com) for help selecting the license most appropriate for your requirements and for detailed pricing information.
IT Library
For attack tree models of systems that include commercial and off-the-shelf information technology components, Amenaza recommends the purchase of the Information Technology Library. The IT Library is used in conjunction with Enterprise, Departmental, Full Function and Creator licenses. Different licenses exist that correspond to the Enterprise, Departmental, Full Function and Creator versions of SecurITree.
The IT Library is a collection of pre-built attack trees representing ways of attacking popular information technologies (e.g., Windows, Linux, Oracle, Apache, 802.11). An analyst can save great amounts of time and build upon Amenaza's expertise by including these components in their own models. The structure of a technology tree emphasizes defects in the technology's architecture. The collection is updated periodically. It should be understood that the attack trees in the IT Library will usually require some tuning and modification for use in specific situations (due to the different ways in which different sites deploy these technologies).
Deployment strategies
SecurITree is a desktop application that runs on Windows, MacOS and Linux workstations. SecurITree does not require Internet connectivity and is suitable for use in secure environments.
Single user licenses are node-locked (associated with a given PC). Multi-user licenses may be deployed as node-locked or floating (controlled by a network license manager).
Node-locked licenses are often used with laptops or other systems that may not have network connectivity. A node-locked license is always available on the PC where it is installed.
Floating licenses are concurrent usage and are managed by a network license manager at the customer's site. The license manager communicates with the SecurITree equipped PCs via the corporate network and assigns licenses from a pool.
Support subscriptions
Included with most license purchases is a support subscription (one year for non-expiring licenses). The support subscription entitles the licensee to all product updates released in the support period and access to telephone / e-mail support. At the expiry of the support subscription included with the initial purchase of non-expiring licenses, customers are invited to extend their support subscriptions for additional years at a cost of 20% of the current license purchase price.
Payment
Amenaza Technologies accepts payment via purchase order/check, credit card (Mastercard/Visa) and wire transfer.
Purchase agent information
See Amenaza's listing with the System for Award Management (SAM) (click "Search Records", then search using "Amenaza" or Unique Entity ID G76AMPSCC4S4)
NCAGE # L0839
JCP # 0034427
DUNS # 200591043
Versions:
Numerous different options exist for licensing SecurITree. For complete licensing and pricing information, please contact Amenaza Technologies Limited directly (1-888-949-9797 toll free, +01 403 263 7737 International). A partial listing of the licensing options, including part numbers, is shown below. Node-locked licenses are installed on, and associated with a particular PC workstation. Node-locked licenses are often used with laptops or other systems that may not have network connectivity. Floating licenses are concurrent usage and are managed by a network license manager at the customer's site. The license manager communicates with the SecurITree equipped PCs via the corporate network and assigns licenses from a pool.
- SecurITree Full Function License (p/n ST4-FULL-PRM)
Allows the analyst to create attack tree models showing possible attacks against assets and the resulting damages. Incorporates sophisticated analytic functions that use information about your enemies to determine which attacks they will use against your systems. Provides the analyst with the ability to explore the effectiveness of proposed risk mitigation solutions.
- SecurITree Enterprise License (p/n ST4-ENT10-PRM)
The Enterprise license consists of a bundle of ten (10) Full Function licenses. At the time of purchase the customer indicates which of the ten licenses will be deployed as floating with the remainder being designated as node-locked. The customer is free to install as many copies of SecurITree on their network as they desire.
- SecurITree Departmental-3 License (p/n ST4-DPT3-PRM)
The Departmental license bundles are available in a variety of sizes. The Departmental-3 license consists of a bundle of three (3) Full Function licenses. At the time of purchase the customer designates which licenses will be floating (with the remainder being designated as node-locked). The customer may install up to six (6) instances of SecurITree - of which three (3) may execute at an given time.
For customers not requiring the full functionality of SecurITree, specialized versions exist with subsets of functionality
- SecurITree Creator Version (p/n ST4-CRT-PRM)
Allows the creation of attack tree models showing possible attacks against assets and the resulting damages. This version is most appropriate where the organization has separated the attack tree model creation and analysis operations into separate functions.
A separate SecurITree Analyzer or SecurITree Full Function license can be used in conjunction with the Creator to perform the complete analysis process.
- SecurITree Analyzer Version (p/n ST4-ANA-PRM)
Allows the analysis of attack tree models (created by either SecurITree Creator or SecurITree Full Function). Provides sophisticated analytic functions that use information about your enemies to determine which attacks they will use against your systems. Provides the analyst with the ability to explore the effectiveness of proposed risk mitigation solutions.
- SecurITree Viewer (p/n ST4-VIEW-PRM)
A low cost licensing option that allows attack trees to be viewed and printed. Recommended for situations where people (e.g., decision makers) need to be able to inspect attack trees that have been created by other versions of SecurITree.
For attack tree models of systems that include commercial and off-the-shelf information technology components, Amenaza recommends the Information Technology Library. The IT Library is used in conjunction with Enterprise, Departmental, Full Function and Creator licenses. Several different licenses (with different part numbers) exist that correspond to the Enterprise, Departmental, Full Function and Creator versions.
- SecurITree IT Library (p/n ST4-ITLIB-PRM, ST4-ITLBDPT-PRM, ST4-ITLBE10-PRM)
The IT Library is a collection of pre-built attack trees representing ways of attacking popular information technologies (e.g., Windows, Linux, Oracle, Apache, 802.11). An analyst can save great amounts of time and build upon Amenaza's expertise by including these components in their own models. The structure of a technology tree emphasizes defects in the technology's architecture. The collection is updated periodically.
All of the above products include one year of technical support and no charge updates. Yearly support agreements are available and recommended after the initial support period expires. Educational licenses are available for qualified educational institutions. A variety of time limited, expiring licenses are available. For instance
- SecurITree for Consultants:
A time expiring Full Function version of SecurITree that provides consultants the ability to work on a project at one, named client's site for a period of 90 days. Includes technical support, product updates and the use of the IT attack tree libraries for the license period.
Go to Sensitive Environments >