CloudShark delivers secure storage, organization, user and group access control, and elegant, powerful analysis tools all through a web interface that enables packet analysis from any device.
Self-deployed on-premise or in the cloud under your own administrative control, enabling your team to share PCAP analysis with a single URL.
CloudShark provides a secure, centralized PCAP database complete with indexing, DeepSearch, and authenticated user management.
CloudShark integrates into your enterprise workflow by connecting to or using existing infrastructure. Built on top of standard Linux services, you can secure and configure your environment however you would like.
Solve network problems faster with built-in advanced analysis tools including Zeek Logs, DeepSearch, Packet Annotations and Protocol ladders.
CloudShark is an organizational tool that enables you to store and organize trace files, creating a history of your packet capture resources that is searchable and secure.
CloudShark enables you to solve problems faster by eliminating duplicate work and streamlining investigations and reporting. Any experience with WireShark is directly transferable so ramp-up with CloudShark takes no time at all.
More than just a remote Wireshark, CloudShark eliminates duplicate work and streamlines investigations and reporting.
It's easy to drag and drop capture files right into CloudShark by using your browser, but the real power comes from integrating the upload API into other tools anywhere in your network.
Tagging is central to organization in CloudShark. Label captures with anything that makes sense to you, whether it's location information, bug ticket numbers, or who's responsible.
Find important capture files quickly and easily by filtering on tags, size, timestamps, or by searching individual packets by display-filter.
Build profiles to analyze specific problems and help experts and entry level technicians share knowledge and work together.
CloudShark supports all of the display filters that you know from Wireshark and helps you type them through autocomplete. Every analysis tool can generate a new filter with a single click.
All your analysis is saved and can be shared with a URL. Instead of reproducing analysis steps each time someone opens a file, or emailing people screenshots, link directly to it for them to see.
As you do analysis, save your thoughts and notes directly on the packets as you come across them. When you or someone else comes back to the file, the annotations will be there waiting.
See important statistics and access advanced analytics that leverage the industry standard Zeek network analysis tool. Get a high-level view of your traffic, and pivot back to the packets when you need them.
Trace the flow of information across a single protocol or view how multiple protocols work together when troubleshooting a networking issue.
Upload session keys and certificates right to CloudShark to enable analysts to decrypt the traffic and see what's inside each packet.
CloudShark has specific tools for VoIP analysis and RTP playback, including support for G.729 audio.
Look at your DNS traffic to find slow or rogue servers, unexpected queries, misconfigurations, and other issues.
If you are exploring malware traffic, viruses, or other kinds of attacks, get to the bottom of an issue with the CloudShark Assessment extension.
CloudShark Enterprise is deployed in your own network, under your own control, in a virtual machine or on a bare metal system.
CloudShark can be easily deployed in a Docker environment or as part of your network automation and orchestration.
Don’t want another server to administer? QA Cafe can provision, install, and manage CloudShark Enterprise in the cloud for you with no time and effort on your side.
CloudShark Product Comparison
Cyber attacks today are bigger, faster, and happening more frequently than ever. Intrusion detection alerts are only the beginning of the story. You need to see the individual packet data to determine the root cause and protect your network.
CloudShark Threat Assessment is an expansion analysis tool that takes you from an IDS alert and brings you right to the packets that triggered it. Once you upload a PCAP file, you can choose Threat Assessment from the Analysis Tools menu to get a high-level summary in seconds. And, because it's built right into CloudShark, every view can be shared with your team simply by copy and pasting the URL.
CloudShark works with your existing network directory services such as LDAP or Active Directory, making it easy to manage users and groups.
Have a sizable team or customer base? CloudShark licenses are priced in units of 25, 50, 100 users or something custom for your team.
CloudShark includes advanced analysis tools that improve your team's ability to secure the network with faster issue resolution, response times and to stay ahead of future attacks.
Partner with a world-class team of experts redefining how teams can troubleshoot and solve network problems.
Analyze & display
your own packet data
Add Packet Analysis to your product
Network packet captures present a unique challenge to CIOs and CISOs when considering cybersecurity framework compliance like those outlined by NIST or the DHS Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connections program.
Our case studies usually focus on end-users of CloudShark, but our recent integration with Beeks Financial Cloud was a great opportunity to show just how easy it is to work with us here and incorporate CloudShark into your products to get the most out of working with captures.
Zeek (formerly Bro) is a powerful tool trusted by networking and cybersecurity experts for analyzing network traffic. By creating collated, organized records of network activity (called “logs”), Zeek gives the network analyst a new approach when dissecting and investigating traffic.
Our team is happy to answer your questions or give you a demo. Click below to tell us a bit about yourself and we will get in touch!