DYNAMITE-NSM

The information captured on the wire represents the ground-truth of network activity

Network Traffic Analysis

Dynamite-NSM is an open-source Network Security Monitor (NSM), built on top of several leading, enterprise-grade technologies. The tool provides network and cybersecurity operators with holistic insights into their networks while giving them the ability to deep-dive into lower-level activities.

The solution presents powerful dashboards, giving comprehensive view into performance and threat-based metrics. Dynamite-NSM can be easily deployed in different environments including high-speed data centers, small-to-large enterprises, IoT & industrial networks, and even at home.

Rich Protocol Insights

Flow data, such as NetFlow, sFlow, IPFIX, is the industry standard for gleaning insights from network traffic. Dynamite-NSM includes flow processing, but goes deeper by adding a Zeek-based agent (aka Bro). Zeek monitors traffic and converts it into relevant metadata for high-level semantic analysis.

Zeek metadata contains comprehensive connection records as well as application-layer transcripts, e.g., HTTP sessions & URIs, key headers, MIME types & server responses; DNS requests & replies; SSL certificates; key content of SMTP sessions; and much more.

Ease of Deployment & Use

Dynamite-NSM is designed to be deployed very quickly with minimal configuration. Unlike many other tools, it can be installed and managed with a standalone command-line utility. The system is inherently passive without disruption to the network. There is no need to install agents on every computer, perform network scans, or directly interact with network assets. To start receiving analytics, we just connect agents and optional flow sources to the monitor.

Powerful Open-Source Architecture

Dynamite-NSM handles massive volumes of network traffic through scalable ingestion and optimized network sensors. The solution includes two key components: the agent and the monitor. The agent analyzes and forwards network events, while the monitor processes incoming events and displays analytic information.

The monitor component builds upon the ELK stack (ElasticSearch, LogStash, Kibana) and is coupled with the ElastiFlow project for handling flow data. The Agent includes an enterprise-grade configuration of Zeek, PF_RING, and Filebeat. As a result, Dynamite-NSM delivers the best of two worlds: Zeek and Flows in the efficient, high-performance package.

Documentation & Download

DYNAMITE-PRO

Human mind remains the best analytical tool

From Network Logs to Decision Support

Dynamite-Pro is a premium product offering that is currently under development. The big idea behind our efforts is to equip network and cybersecurity operators with an intuitive AI system for network behavior analysis.

Operators deal with many challenges, including information overload, skill deficits, and insufficient time to make decisions. We use machine-learning and advanced visualization techniques to raise situational awareness and to enable the proper course of action.

Human vs. Machine

The human mind is unbeatable in contextual analysis, business knowledge, intrinsic intuition and general problem solving.

Alternatively, machines are very good at task automation, processing at scale, data enrichment, statistical analysis and supervised learning.

vizgraph

Contextual Analysis

Our analytic method relies on processing of network traffic metadata organized as a collection of network assets and their relationships. The contextual view is constructed from the best-in-class data carving on the wire without external knowledge of the network environment.

The process further involves additional machine-learning computations and data enrichment. The decision support is delivered through a combination of visual analysis, probabilistic scoring, and system recommendations.

  • Evidence – decomposition of situational complexity
  • Hypothesis – asking the right questions
  • Investigation – connecting the dots
Get In Touch To Learn More

ABOUT

Vision Without Execution Is Hallucination

History

Vlabs is now operating as Dynamite Analytics. Vlabs was founded in 2015 and was initially providing services in big data analytics and cybersecurity. After winning multiple federal R&D awards the company launched software product development focused on in-depth network traffic analysis. In 2019, Vlabs became Dynamite Analytics and released its first version of the open-source software project Dynamite-NSM (Network Security Monitor). The company is also developing its commercial cyber analytic solution Dynamite-Pro.

Leadership

Oleg Sinitsin

Oleg Sinitsin

CEO & Founder

Oleg is a 20-year Security Software veteran leading Dynamite Analytics from its inception.
Jamin Becker

Jamin Becker

CTO

Jamin is the creator of PacketTotal, the largest public PCAP analytic service in the world.

Mission

We help our customers to drastically reduce cyber analytic complexity by engaging human intuition & AI decision support. We strive to be the partner of choice for the government and commercial enterprise by redefining quality and speed of AI-driven cyber threat detection.

Culture

Our company culture is centered around serving our customers’ needs, doing excellent work, and always delivering VALUE. We share the load – if our customers don’t succeed, we don’t succeed either. We take pride in our professionalism, integrity, and work ethics.

Team

Quality of people is the greatest contributor to success of our business. That is why we only look for exceptional team members no matter where they are. We use a distributed execution model based on the daily scrum, telecommunication and accountability.

CONTACT

We are a distributed team headquartered in Atlanta, GA. To get in touch with us, please fill out the Contact Form. Someone on our team will respond to you shortly.

Dynamite Analytics

7742 Spalding Drive #359
Norcross, GA 30092
USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.