What is CapStar Forensics?

CapStar Forensics is built on a blazing-fast packet analysis engine coupled with a highly descriptive, flexible scripting language. Easily describe and rapidly detect complex conditions and network behavior in both packet captures and streaming network traffic.

Increase Productivity

More investigations per investigator

Reduce Risk

Faster time to insight and resolution

Lower Cost

Increase process automation and investigative velocity

Improve Compliance

Define criteria to verify against network traffic

DESCRIPTIVE SCRIPTING LANGUAGE

Power users and hunters in the SOC, NOC and intel communities are taking full advantage of the familiar and easy-to-use scripting language.

By following the syntax and field naming conventions of the familiar Wireshark protocol analyzer, CapStar offers users a powerful descriptive language to extend their capabilities.

PRE-PACKAGED ANALYTICS


BLAZING FAST ENGINE

Analyze large PCAPs with unparalleled speed and efficiency.

Compare a 1 GB PCAP to a list of tens or hundreds of thousands of IPs or domains in a flash.
