What we do differently

We generate and analyze fine grained metrics - thousands of them, to provide you unprecedented visibility into network traffic, flows, and security.
Trusted by

Send us all your packets and NETFLOW/SFLOWs

Network security monitoring involve monitoring tons of metrics , metadata, flows, down to the packet level. Trisul leverages cutting edge streaming algorithms to bring full blown monitoring using a minimum amount of resources.

The benefits
  • Gain full visibility into network traffic and security threats
  • Everything included, no need to mess with Elastic or other solutions
  • Upto 80% less resource intensive than search based

Enhance your capabilities by writing your own scripts

As a customer you are justifiably wary of vendor lock-in. For every small tweak to adjust your business requirements you end up requesting a call. Using the simple Trisul API you can create powerful custom tooling of your own.

The benefits The LUA API (Live Analysis) The TRP API (Retro Hunting)
  • No special language to learn, just plain LUA or Ruby
  • Build upon Trisul's packet processing, reassembly, file extraction, storage
  • A rapidly growing set of Trisul APPS

Hundreds of metrics PLUS their relationships

Trisul goes beyond SNMP or Netflow to present you with a dramatically enhanced range of metrics. We do this by analyzing packets, reconstructing their content and extracting hundreds of relevant metrics from them.

The benefits More on Metrics

  • Monitor and alert on metrics from L2 to L7 such as HTTP, SSL/TLS, DNS metrics
  • Create your own metrics by simple point and click
  • 200+ metrics including advanced traffic statistics available out of the box

Stay on top of traffic and security anomalies

Trisul continously scans your network traffic against known threats such as malware, spam and phishing sites. You can then use any of the built in tools to investigate the alert all the way down to the packet level.

The benefits More on Flows and Metadata

  • Traffic, IDS, Threat based, and other alert types
  • Extraction of URLs, TLS Certs, HTTP Headers, DNS Records, and File hashes
  • Open API to export or take custom action on alerts

Make packet retention practical

The ability to drill down all the way to packet level is a key capability of Network Security Monitoring. Instantly cut through to packets from any spot to complete your investigation.

The benefits More on packet indexing

  • Fine grained, easy to use policies cut down packet storage requirements
  • Packets are stored encrypted and locally on each trisul-probe
  • Advanced indexing technology lets you retrieve packets very quickly

What users are saying..

"I was using tshark to capture all the packets and then having to carve a 15 GB pcap down to just the packets I wanted to look at and then re-assemble the document. That particular task would have taken me around thirty minutes to accomplish without Trisul." Timothy Howard, City of Delaware
"Trisul has been monitoring our VSAT (satellite) and internet links, our team gets an email everyday with a summary of issues with our network. We were able to cut down our multicast VSAT traffic with help from Trisul" CIO - ITI Financial
"Trisul is an amazing product with a strong emphasis on network and security monitoring. Trisul's integration of the two enables us to leverage existing IDS tools and network traffic and flows into visualizations putting them in context immediately" Mark Maunu, Network Security Analyst, USA