Launch Open Source, Decrypted Visibility Suite with a Click of a Button. 

Nubeva has created the “Easy Button” for deployment of out-of-band, open source monitoring tools for AWS. Built within the Well Architected Framework, organizations can now launch a suite of the most common, open-source, network inspection and monitoring tools from a single, dynamic cloud formation template. These tools come pre-configured with Nubeva TLS Decrypt and include: Zeek/Bro, Suricata, Wireshark, Moloch and ntop.

With the introduction of modern TLS/SSL protocols, Open Source security tools are crippled by encrypted traffic. To unlock the full potential of these tools, our Nubeva TLS Decrypt solution is embedded into the Cloud Formation Template allowing you to also decrypt on the tool itself for even greater visibility - including advanced ciphers such as TLS 1.3, Perfect Forward Secrecy, Diffie-Hellman and all legacy protocols.


Why Nubeva for Decrypted Visibility with Open Source Tools? 

Nubeva Cloud Tools are delivered as infrastructure-as-code to enable organizations to gain decrypted visibility with Open Source Tools. Nubeva enables open source tools for testing and planning all the way to large scale, full deployment in production environments. 

For decrypted network visibility, three components are required. 1) The ability to capture packets, 2) Tools to capture and analyze the traffic and 3) a decryption solution that can handle new modern SSL/TLS protocols.  With Nubeva cloud tools, you launch all three of these requirements with a click of a button. 

Nubeva Cloud Tools launch full production environments in three simple steps for leading open source tools. Launch all five or select the ones you want in our quick, easy process. Watch our "Get Started Video". 



Get Started with Well Architected Quick Start from AWS

This Quick Start provides step-by-step instructions for deploying the Nubeva Transport Layer Security (TLS) Decrypt platform on the Amazon Web Services (AWS) Cloud. It includes the open-source tools Moloch, Ntop, Suricata, Wireshark, and Zeek. This Quick Start is for users who want to identify malicious activity, insider threats, and data leakage within their virtual private cloud (VPC) and Amazon Elastic Compute Cloud (Amazon EC2) instance. 


View Deployemnt Guide




Wireshark is one of the most common open-source packet analyzers for network troubleshooting, analysis, software and communications protocol development. Nubeva's Cloud Tools enables organizations using or wanting to stand up Wireshark to decrypt network traffic on the tool to improve speed to resolution and complete full packet inspection of decrypted packets in a matter of minutes. 



Wireshark In Action






Moloch is a large scale, open source, indexed, full packet capture system and search tool used by security and DevOps engineers and analysts to augment security infrastructure to store and index network packet traffic. Moloch, a write-to-file solution, is frequently used to provide additional visibility to organizations' intrusion detection systems (IDS) and supplements with full packet capture and retention, metadata enrichment and packet indexing and searching. With the introduction of TLS 1.3 and PFS, users of Moloch aren't getting full visibility due to packet encryption. With Nubeva Cloud Tools, you can restore full packet visibility. 








Suricata is a free and open source, mature, fast and robust network threat detection engine. Enterprise teams use Suricata for network intrusion detection (IDS), inline intrusion prevention (IPS) and network security monitoring. Teams use Suricata to match on known threats, identify policy violation, flag malicious behavior and alert and event filtering. Nubeva cloud tools, powered by Nubeva TLS decrypt, solves for modern decryption to enhance Suricata for end users. 


Suricata Alert from decryption in Kibana





Zeek - formerly Bro 

Zeek is a powerful network analysis framework used for Intrusion Detection Systems. Zeek helps to perform security monitoring by looking at network activity to find suspicious data flows. Based on the findings, it alerts, reacts and integrates with other tools including traffic inspection, attack detection, log recordings and analysis. With more than 70% of traffic now encrypted with TLS 1.3 and perfect forward secrecy, Zeek loses some of its power as packets are encrypted. Nubeva Cloud Tools allows Zeek users to reintroduce decrypted visibility within just a few minutes. 




ntop is a high-speed, web-based traffic analysis and flow collection tool. The ntopng network traffic probe monitors network use and is based on libpcap and provides an intuitive, encrypted web-user interface for the exploration of real-time and historical traffic information.



Get Started with Nubeva Cloud Tools 

Launch Nubeva Cloud Tools to stand up industry leading, open source network security monitoring tools for AWS in a matter of minutes. Below you will find some resources to get you started!

resources banner desktop

Want to learn more about Nubeva Cloud Tools?

Request a Demo
resource banner screen

Launch Quick Start 

Learn More 

Technical Brown Bag: Symmetric Key Intercept

Deep dive into the new approach to network decryption. Nubeva has invented and released patented Symmetric Key Intercept infrastructure to solve the problem of capturing session keys -- a problem introduced with new modern encryption protocols. 

Technical Brown Bag: AWS Quickstart April 2020

We will dig into the recently released AWS Quick Start: Nubeva TLS Decrypt on the AWS Cloud. This Quick Start allows security and application monitoring teams to deploy the Nubeva TLS Decrypt solution for complete visibility into modern encryption.

Technical Brown Bag: Nubeva Moloch March 2020

Our March Technical Brown Bag, Open Source technology expert, Erik Freeland, will deep dive into the popular Moloch tool. Moloch is an open source, large scale, full packet capturing (FPC), indexing, and database system equipping security teams with...

AWS Quickstart for TLS Decrypt Is Here

TL;DR: Amazon releases Quick Start with Nubeva TLS Decrypt to deliver full decrypted visibility in the cloud. The Quick Start is a passive, out of band, software decryption solution that handles forward secrecy, TLS 1.3, pinned certificates and...

Security and DevOps Team New Year's Resolutions

From visibility solutions to deep packet inspection, market demands on public cloud and data centers continue to evolve.

Technical Brown Bag: Nubeva Cloud Tools

During this session, Erik Freeland, Director of Solution Engineering at Nubeva, covers : 

Nubeva Releases State-of-the-Art Cloud Tools for Open Source Security Monitoring Tools in Cloud

Free, Resilient, Scalable Cloud Tools Enable Production-Ready Open Source Tools; Simplify Cloud Security and Application Monitoring SAN JOSE, Calif., Nov. 20, 2019 – Nubeva Technologies Ltd. (TSX-V: NBVA), a SaaS software developer providing network...

Nubeva Cloud Tools

Have a Question about Nubeva Cloud Tools?

Let's jump on a call with one of our Cloud Solution Architects! 

Schedule a Demo