Nubeva has created the “Easy Button” for deployment of out-of-band, open source monitoring tools for AWS. Built within the Well Architected Framework, organizations can now launch a suite of the most common, open-source, network inspection and monitoring tools from a single, dynamic cloud formation template. These tools come pre-configured with Nubeva TLS Decrypt and include: Zeek/Bro, Suricata, Wireshark, Moloch and ntop.
With the introduction of modern TLS/SSL protocols, Open Source security tools are crippled by encrypted traffic. To unlock the full potential of these tools, our Nubeva TLS Decrypt solution is embedded into the Cloud Formation Template allowing you to also decrypt on the tool itself for even greater visibility - including advanced ciphers such as TLS 1.3, Perfect Forward Secrecy, Diffie-Hellman and all legacy protocols.
Nubeva Cloud Tools are delivered as infrastructure-as-code to enable organizations to gain decrypted visibility with Open Source Tools. Nubeva enables open source tools for testing and planning all the way to large scale, full deployment in production environments.
For decrypted network visibility, three components are required. 1) The ability to capture packets, 2) Tools to capture and analyze the traffic and 3) a decryption solution that can handle new modern SSL/TLS protocols. With Nubeva cloud tools, you launch all three of these requirements with a click of a button.
Nubeva Cloud Tools launch full production environments in three simple steps for leading open source tools. Launch all five or select the ones you want in our quick, easy process. Watch our "Get Started Video".
This Quick Start provides step-by-step instructions for deploying the Nubeva Transport Layer Security (TLS) Decrypt platform on the Amazon Web Services (AWS) Cloud. It includes the open-source tools Moloch, Ntop, Suricata, Wireshark, and Zeek. This Quick Start is for users who want to identify malicious activity, insider threats, and data leakage within their virtual private cloud (VPC) and Amazon Elastic Compute Cloud (Amazon EC2) instance.
Wireshark is one of the most common open-source packet analyzers for network troubleshooting, analysis, software and communications protocol development. Nubeva's Cloud Tools enables organizations using or wanting to stand up Wireshark to decrypt network traffic on the tool to improve speed to resolution and complete full packet inspection of decrypted packets in a matter of minutes.
Moloch is a large scale, open source, indexed, full packet capture system and search tool used by security and DevOps engineers and analysts to augment security infrastructure to store and index network packet traffic. Moloch, a write-to-file solution, is frequently used to provide additional visibility to organizations' intrusion detection systems (IDS) and supplements with full packet capture and retention, metadata enrichment and packet indexing and searching. With the introduction of TLS 1.3 and PFS, users of Moloch aren't getting full visibility due to packet encryption. With Nubeva Cloud Tools, you can restore full packet visibility.
Suricata is a free and open source, mature, fast and robust network threat detection engine. Enterprise teams use Suricata for network intrusion detection (IDS), inline intrusion prevention (IPS) and network security monitoring. Teams use Suricata to match on known threats, identify policy violation, flag malicious behavior and alert and event filtering. Nubeva cloud tools, powered by Nubeva TLS decrypt, solves for modern decryption to enhance Suricata for end users.
Zeek is a powerful network analysis framework used for Intrusion Detection Systems. Zeek helps to perform security monitoring by looking at network activity to find suspicious data flows. Based on the findings, it alerts, reacts and integrates with other tools including traffic inspection, attack detection, log recordings and analysis. With more than 70% of traffic now encrypted with TLS 1.3 and perfect forward secrecy, Zeek loses some of its power as packets are encrypted. Nubeva Cloud Tools allows Zeek users to reintroduce decrypted visibility within just a few minutes.
ntop is a high-speed, web-based traffic analysis and flow collection tool. The ntopng network traffic probe monitors network use and is based on libpcap and provides an intuitive, encrypted web-user interface for the exploration of real-time and historical traffic information.
Launch Nubeva Cloud Tools to stand up industry leading, open source network security monitoring tools for AWS in a matter of minutes. Below you will find some resources to get you started!
We will dig into the recently released AWS Quick Start: Nubeva TLS Decrypt on the AWS Cloud. This Quick Start allows security and application monitoring teams to deploy the Nubeva TLS Decrypt solution for complete visibility into modern encryption.
Our March Technical Brown Bag, Open Source technology expert, Erik Freeland, will deep dive into the popular Moloch tool. Moloch is an open source, large scale, full packet capturing (FPC), indexing, and database system equipping security teams with...
TL;DR: Amazon releases Quick Start with Nubeva TLS Decrypt to deliver full decrypted visibility in the cloud. The Quick Start is a passive, out of band, software decryption solution that handles forward secrecy, TLS 1.3, pinned certificates and...
A Step-by-Step Start Guide of Open Source Cloud Tools for SSL Decryption Read Time: 20 Minutes .
From visibility solutions to deep packet inspection, market demands on public cloud and data centers continue to evolve.
During this session, Erik Freeland, Director of Solution Engineering at Nubeva, covers :
Free, Resilient, Scalable Cloud Tools Enable Production-Ready Open Source Tools; Simplify Cloud Security and Application Monitoring SAN JOSE, Calif., Nov. 20, 2019 – Nubeva Technologies Ltd. (TSX-V: NBVA), a SaaS software developer providing network...