PETEK deception technology, KABUK multi-layered detection engine, and ANCILE e-commerce security assistant — three specialized products managed from a single operational dashboard. All telemetry converges into one SOC view with shared SIEM, alerting, and incident response workflows.
Low-interaction traps across SSH, HTTP, RDP, and SMB that mirror production infrastructure. Every connection attempt, credential used, and command executed is logged in structured format before the attacker reaches real services.
Traps receive only malicious traffic by definition. This eliminates the alert fatigue common in traditional IDS/IPS deployments — SOC teams treat every notification as actionable intelligence.
SSH, Telnet, HTTP, RDP, SMB, FTP — concurrent decoys across six protocols for attack vector coverage.
6 ProtocolsWebSocket live data streaming with instant MITRE ATT&CK technique mapping for faster incident response.
Live StreamNative connections for Wazuh, Splunk, and Elastic Security. CEF, LEEF, Syslog formats plus Webhook, Slack, and email delivery.
6 IntegrationsTraps trigger only on malicious activity. No legitimate traffic reaches them — SOC teams trust every alert.
0 FPAutomated PDF, JSON, CSV, and HTML reports with attacker profiles, command analysis, and audit trails.
4 FormatsSingle Docker Compose command. PostgreSQL backend with automatic backups and log rotation — production ready in minutes.
One CommandFour-stage analysis engine combining Regex, YARA, AST, and Heuristic layers. Classifies PHP, ASPX, JSP, and obfuscated web shell variants with high accuracy.
FTP scan mode for smaller setups, on-premise Python Agent for enterprise. Both managed from the same central dashboard.
Regex signatures, YARA rules, AST structural analysis, and Heuristic detection work in parallel to catch even obfuscated shells.
High AccuracyOn-Premise Agent watches filesystem events. Shell detected and pushed to dashboard via SignalR within 150ms of upload.
<150msPython-based, 26 MB RAM footprint. Scans locally without sharing FTP credentials; managed as a systemd service.
26MB RAMTwo deployment models, one platform. Use FTP mode when agent installation isn't feasible on the target server.
2 ModesDetected files moved to secure zone. SHA-256 hash tracking, full audit log, and restore capability maintain operational flexibility.
Full Isolation0-100 risk scores prioritize threats. Reports in JSON, CSV, HTML, and PDF; integrates with SIEM, Slack, and scheduled scans.
4 FormatsContinuous security monitoring built for e-commerce. Suspicious logins, account anomalies, and configuration risks distilled into a single score — no security expertise required.
Shopify store owners and agencies managing multiple stores. No security operations background needed — the score and instant alerts are self-explanatory.
One-click install via Shopify App Store. Zero impact on existing store theme or infrastructure. 14-day free trial included.
Admin logins, customer patterns, theme and app changes tracked 24/7. Instant notification on suspicious activity.
24/7Configuration, login patterns, and known risks summarized into one clear metric. Understand your posture without technical jargon.
Clear VisibilityCountry anomalies, VPN/Tor usage, datacenter IPs, and brute force attempts automatically flagged. No admin approval bypassed.
Risk-BasedManage multiple Shopify stores from a single panel. Centralized visibility for agencies — each store tracked with its own score.
For AgenciesJargon-free summaries with actionable recommendations. Delivered Monday morning via email; always accessible on the dashboard.
Mon AMOne-click install, no credit card required. Touches nothing on the existing store — active in minutes, restore just as fast.
One ClickPETEK, KABUK, and ANCILE share the same ALHAN backbone. All telemetry converges into one SOC view with unified SIEM integration, alerting, and incident response workflows.
Deception layer deployed at the perimeter — SSH, HTTP, RDP traps in DMZ or isolated subnets. Python 3.11 + Docker, zero false positives.
Shopify store monitoring layer — login anomalies, configuration risks, 0-100 security score. React + Shopify API, one-click install.
Server-side scanning engine — detects PHP, ASPX, JSP web shells. C# .NET 8 + Python agent, <150ms detection with quarantine.
Test ALHAN products in your own environment or request a tailored assessment for your infrastructure needs. Response within 24 hours.