LogRythm NetMon
LogRhythm NetMon is a network traffic analytics tool designed for comprehensive network monitoring and threat detection. Key features include: 1. True Application Identification: Automatically identifies over 3,500 applications using advanced classification methods and deep packet inspection. 2. SmartFlow: Provides detailed packet metadata derived from each network session. 3. Full Packet Capture: Captures and stores network traffic in PCAP format for layers 2-7. 4. REST API: Allows integration with third-party tools for custom automations. 5. Deep Packet Analytics (DPA): Correlates against full packet payload and SmartFlow data using pre-built and customizable rules. 6. SmartCapture: Automatically captures sessions based on application or packet content. 7. Customizable Dashboards: Offers saved searches with automated alerts for continuous monitoring. 8. Unstructured Search: Enables drilling down to critical packet and flow data using an Elasticsearch backend. 9. Email Reconstruction: Supports malware analysis and data loss monitoring by reconstructing email attachments. 10. Deep Packet Inspection (DPI): Identifies and categorizes thousands of applications at wire speed, populating metadata fields. 11. Pattern Matching and Heuristics: Analyzes and extracts Layer 2-7 network data using various methods. 12. Automated Threat Detection: Recognizes PII, credit card information, port and protocol mismatches, and other indicators of inappropriate data movement.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
A free, open-source network protocol analyzer for capturing and displaying packet-level data.
A TCP-based traceroute implementation that bypasses firewall filters to trace the path to a destination.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
A website scanner that provides a sandbox for the web, allowing users to scan URLs and websites for potential threats and vulnerabilities.
A Bluetooth 5 and 4.x sniffer using TI CC1352/CC26x2 hardware with advanced features and Python-based host-side software.
WireGuard is a fast, simple, and secure VPN that uses cutting-edge cryptography, designed for ease of use and performance.
A blog sharing packet capture files and malware samples for training and analysis, with archived posts and traffic analysis exercises.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.