If you work in network analytics or security, you know the drill.

The job is already complicated enough. Traffic visibility, threat detection, bandwidth analysis, investigations, compliance. Every day there’s more data, more alerts, and somehow less time.

That’s exactly why product updates should matter. Not cosmetic changes or the features hidden behind three tabs that nobody touches. Real improvements. The kind that make the product easier to secure, easier to use, and stronger where it counts.

That’s what’s happening with Trisul Network Analytics right now. A few major updates have landed, and a few bigger ones are still in the works.

Here’s a quick look.

Relying on passwords alone in 2026 feels a little optimistic and security isn”t something “good to have” for teams. 

That’s why Trisul now supports two-factor authentication across all products and all user roles.

Admins, analysts, operators, everyone.

It works with standard authenticator apps like:

• Google Authenticator
• Microsoft Authenticator

And for teams that prefer it, OTP through SMS is also available as an authentication option.

So whether it’s app-based TOTP or SMS-based OTP, the goal stays the same: stronger access control with minimal friction.

For teams running multi-user deployments, this adds an important layer of protection against credential compromise and unauthorized access.

One of the major updates in Trisul 8.0 is native MITRE ATT&CK integration.

It’s a big addition to the platform, and we’ve already covered it in detail in a separate blog, so we’ll keep this one short. Safe to say, it’s one of the key features shaping the 8.0 release.

If you missed that blog, you can check it here: Mapping Network Detections to the MITRE ATT&CK Framework in Trisul

This is probably the most interesting update in development.

Because if we’re being honest, nobody wakes up excited to click through fifteen filters, three dropdowns, and four report forms just to answer one question. That’s administrative cardio.

So we’re building Trisul AI. Think ChatGPT, but for your network analytics.

You ask:

“Show me the top bandwidth consumers in the last 24 hours.”

“Generate a DDoS activity summary for yesterday.”

“Fetch ASN-wise traffic insights for this month.”

And it gives you answers. And more, It retrieves from the Trisul knowledge base, reports, historical data, and traffic insights. That’s a big shift.

Because one of the biggest barriers in analytics platforms is not lack of data, it’s how long it takes to get to it. Trisul AI cuts through that.

No need to know where a report lives. No need to understand every workflow before getting value.

Just ask.

That lowers the learning curve significantly, especially for new teams onboarding into the platform.

IP management gets complicated fast. Because keeping track of who owns what, where it belongs, and how it maps across growing subnet ranges becomes messy at scale.

That’s where the new IPAM update comes in.

Trisul Network Analytics now integrates with efficient iP® for correlating username that makes the IPAM more structured.

With this integration, Trisul can enrich IPDR records with user-level details like usernames, instead of just raw IP mappings. That means investigations become more meaningful. Instead of tracing activity back to just an IP address, teams can identify the actual user behind that activity much faster.

For compliance-driven environments, especially ISPs and large enterprises handling IPDR requirements, this closes an important visibility gap.

And in network forensics, that extra layer of identity context can save a lot of time when things go sideways. Because they usually do. That’s networking’s favorite hobby.