An IIHT Company

Dynamite Agent Starter

Agent Starter is a feature-rich, free version of Agent suitable for network traffic inspection on smaller network segments and individual network assets. Built on top of Zeek and Suricata, Agent enables Network Detection and Response (NDR) capabilities for AWS cloud environments and seamlessly integrates with existing cyber monitoring solutions.

Agent Starter is capable of inspecting sustained traffic loads of 500 Mbps and, if properly tuned, can handle peak loads up to 750 Mbps. For larger capacity, please see the AWS Marketplace listing for Agent.

Agent is built on the industry-leading network traffic inspection technologies Zeek and Suricata. Zeek delivers network metadata, such as comprehensive connection telemetry, application-layer transcripts and artifacts, going far beyond NetFlow and other types of flow data. Suricata complements Zeek with rule-based network intrusion alerts powered by the industry’s top IDS signature dataset. Agent uses AWS VPC traffic mirroring to passively inspect traffic without any network interference.

Unlike most 3rd party NDR products, Agent is designed for integration with existing SIEM/SOAR cyber monitoring solutions. As a result, Agent seamlessly fits into an existing SecOps process and toolset without reliance on external systems or the out-of-network transfer of analytic data.”

How our Cloud Labs in the real world
and other success stories

Empowering the next generation of tech leaders, Make My Labs Blogs provides invaluable resources for students and aspiring professionals.

Want to see MML in action?