What is CapStar Forensics

CapStar Forensics is built on a blazing fast packet analysis engine coupled with a highly descriptive, flexible scripting language. Easily describe and rapidly detect complex conditions and network behavior in both packet capture and streaming network traffic.

Increase Productivity

More investigations per investigator

Reduce Risk

Faster time to insight and resolution

Lower Cost

Increase process automation and investigative velocity

Improve Compliance

Define criteria to verify against network traffic

DESCRIPTIVE SCRIPTING LANGUAGE

Power users and hunters in the SOC/NOC/Intel communities are taking full advantage of the familiar and easy-to-use scripting language.

By following the syntax and field naming conventions of the familiar Wireshark protocol analyzer, CapStar offers users a powerful descriptive language to extend their capabilities.

PRE-PACKAGED ANALYTICS


BLAZING FAST ENGINE

A blazing fast engine for analyzing large PCAPs with unparalleled speed and efficiency.

Compare a 1GB PCAP to a list of tens or hundreds of thousands of IPs or domains in a flash.
