Trisul Network Analytics 6.5 is now available

We are delighted to announce our latest release “Trisul 6.5”. We think this is our best yet. We have rolled into this lessons learnt from watching users of our previous releases and other tools. Our goal is to make Trisul the go-to tool for full blown NSM and deep network traffic analysis. At the same time, we did not want to cut corners in extensibility or performance. Towards that end, this release includes an even better Lua API and across the board improvements in performance.

Best of all, we’ve retained the 3-day sliding window License that lets you get started without any friction in sales calls or canned demos. Just get the bits and go live

What’s in this release

You can access the complete list of features on our Releases page. The key areas of change in this release are in the following broad categories:

Read More

New developer resource wiki

We are pleased to announced a new developer resource Trisul Devzone This will be useful for those using the Lua Scripting interface or the Ruby TRP API to automate Network Security Monitoring tasks.

This DokuWiki based knowledge base is designed as extra documentation that dont fit very well into the official reference and guides on We will share idioms, best practices, share interesting articles from other websites, and something very short tech tips on a regular basis here.

We hope the Network Security and Traffic Monitoring enthusiast community will find this new resource useful.

Free Download Trisul 6.0 ! Ready to go packages for Ubuntu and CentOS.

Read More

Introducing TrisulNSM Docker – an all-in-one NSM platform

We are excited to announce TrisulNSM Docker This is a new Network Security and Traffic Monitoring (NSM) platform that includes everything you need in a single easy to use docker container.

What is included ?

TrisulNSM Docker includes the full range of collection capabilities you have come to expect in an alert-centric NSM system. In addition, it also gives you comprehensive network traffic visibility you may not have seen elsewhere. The entire package is built on Trisul’s powerful real time streaming analytics pipeline and database.

Read More

Introducing a new Trisul App – FireHOL list checker

Using plain Lua you can write powerful network analytics scripts on the Trisul platform. We have packaged some of our frequently used scripts into production ready Trisul Apps. Take a look at our Lua API for more on that.

The FireHOL Cybercrime IP List is a very well maintained blocklist. We use a lot of different lists but what sets FireHOL apart is the very low false postive rate and the amount of work the maintainer puts into keeping the list from turning stale. We found that if a FireHOL IP alerts you better take a closer look at it.

We are excited to announce a FireHOL Scanner App that checks your network traffic for hits and provides further analysis paths.

Read More