ADVANCED NETWORK BEHAVIOR ANALYSIS
- Open source network security monitor
- Multi protocol & flow data analytics
- Simple deployment & powerful features
- Scalable enterprise architecture
The information captured on the wire represents the ground-truth of network activity
Discover Your Network
Dynamite-NSM is a free Network Security Monitor (NSM), built on top of several leading, enterprise-grade technologies. The tool provides network and cybersecurity operators with holistic insights into their networks while giving them the ability to deep-dive into lower-level activities.
The solution presents powerful dashboards that give a comprehensive view into performance and threat-based metrics. Dynamite-NSM can be easily deployed in different environments, including high-speed data centers, small-to-large enterprises, IoT & industrial networks, and even at home.
Rich Protocol Insights
Flow data, such as NetFlow, sFlow, and IPFIX, is the industry standard for gleaning insights from network traffic. Dynamite-NSM includes flow processing, but goes deeper by adding a Zeek-based agent (aka Bro). Zeek monitors traffic and converts it into relevant metadata for high-level semantic analysis.
Zeek metadata contains comprehensive connection records as well as application-layer transcripts, e.g., HTTP sessions & URIs, key headers, MIME types & server responses; DNS requests & replies; SSL certificates; key content of SMTP sessions; and much more.
Ease of Deployment & Use
Dynamite-NSM is designed to be deployed very quickly with minimal configuration. Unlike many other tools, it can be installed and managed with a standalone command-line utility. The system is inherently passive and does not disrupt the network. There is no need to install agents on every computer, perform network scans, or directly interact with network assets. To start receiving analytics, we just connect agents and optional flow sources to the monitor.
Powerful Open-Source Architecture
Dynamite-NSM handles massive volumes of network traffic through scalable ingestion and optimized network sensors. The solution includes two key components: the agent and the monitor. The agent analyzes and forwards network events, while the monitor processes incoming events and displays analytic information.
The monitor component builds upon the ELK stack (Elasticsearch, Logstash, Kibana) and is coupled with the fine-tuned Zeek sensor (aka Bro), flow data inputs (NetFlow, sFlow, IPFIX), and Suricata IDS security alerts. Dynamite-NSM now includes the DynamiteLab component, made up of a Python API for easy data access and integrated JupyterHub-hosted notebooks as the data science environment.
Human mind remains the best analytical tool
From Network Logs to Decision Support
Dynamite-Pro is a premium product offering that is currently under development. The big idea behind our efforts is to equip network and cybersecurity operators with an intuitive AI system for network behavior analysis.
Operators deal with many challenges, including information overload, skill deficits, and insufficient time to make decisions. We use machine-learning and advanced visualization techniques to raise situational awareness and to enable the proper course of action.
Human vs. Machine
The human mind is unbeatable in contextual analysis, business knowledge, intrinsic intuition and general problem solving.
In contrast, machines are very good at task automation, processing at scale, data enrichment, statistical analysis and supervised learning.
Our analytic method relies on processing network traffic metadata organized as a collection of network assets and their relationships. The contextual view is constructed from best-in-class data carving on the wire, without external knowledge of the network environment.
The process further involves additional machine-learning computations and data enrichment. The decision support is delivered through a combination of visual analysis, probabilistic scoring, and system recommendations.
- Evidence – decomposition of situational complexity
- Hypothesis – asking the right questions
- Investigation – connecting the dots
Vision Without Execution Is Hallucination
Vlabs is now operating as Dynamite Analytics. Vlabs was founded in 2015 and initially provided services in big data analytics and cybersecurity. After winning multiple federal R&D awards, the company launched software product development focused on in-depth network traffic analysis. In 2019, Vlabs became Dynamite Analytics and released its free Network Security Monitor, Dynamite-NSM. The company is also developing its commercial cyber analytic solution, Dynamite-Pro.
Our mission is to empower our customers with state-of-the-art cyber defenses based on the latest advances in network behavior analytics.
We strive to be the partner of choice for the government and commercial enterprise by redefining quality and speed of AI-driven cyber threat detection.
CEO & Founder
Oleg is a 20-year Security Software veteran leading Dynamite Analytics from its inception.
Jamin is the creator of PacketTotal, the largest public PCAP analytic service in the world.
Adam is a seasoned SecOps team leader, technology innovator and cyber threat hunter.
Our company culture is centered around serving our customers’ needs, doing excellent work, and always delivering VALUE. We share the load – if our customers don’t succeed, we don’t succeed either. We take pride in our professionalism, integrity, and work ethic.
The quality of our people is the greatest contributor to the success of our business. That is why we only look for exceptional team members, no matter where they are. We use a distributed execution model based on the daily scrum, telecommunication and accountability.
We are a distributed team headquartered in Atlanta, GA. To get in touch with us, please fill out the Contact Form. Someone on our team will respond to you shortly.
7742 Spalding Drive #359
Norcross, GA 30092