New Desktop app v0.5 now available

Network visibility
for every team.

Capture, inspect, and monitor traffic across your entire fleet — from a single laptop to hundreds of servers.

Start free → View on GitHub
$ curl -sSL https://netscope.ie/hub-quickstart.sh | sh

Platform

Three tools.
One platform.

Every piece works standalone. Together they give you complete fleet-wide visibility.

Desktop App

A visual network explorer for macOS and Windows. Browse live traffic, filter by protocol, and trace connections — no terminal required.

macOS · Windows

Capture Agent

A lightweight sensor that runs on Linux, macOS, and Windows. Sends flow data to your hub with zero persistent storage on the host.

Linux · macOS · Windows

SaaS Hub

A self-hosted dashboard that aggregates flows from your entire fleet. Search across agents, set alerts, and visualise threats in one place.

Self-hosted · Docker

Capabilities

Everything you need
to see your network clearly.

Built on Rust and ClickHouse. Handles hundreds of thousands of flows per second without breaking a sweat.

01

Real-time capture

pcap and eBPF capture modes. Sub-millisecond latency from packet to dashboard. Stream live traffic or query historical flows with SQL.

02

Deep protocol decode

HTTP, DNS, TLS, ICMP, ARP, gRPC, and more. See hostnames, query names, cipher suites — not just source and destination IPs.

03

Process attribution

eBPF mode maps every connection to the process that owns it. Know which binary, PID, and user is talking to the internet.

04

GeoIP & threat intel

Automatic geolocation and AbuseIPDB lookups enrich every flow. Flag suspicious IPs before they become incidents.

05

Sigma detection

Write detection rules in standard Sigma format. Get alerted on anomalous DNS, lateral movement, and known-bad IPs in real time.

06

Fleet management

Enroll agents with a one-line command. Monitor heartbeats, push config updates, and manage API tokens from a single dashboard.

Quick start

Up and running
in two minutes.

No Kubernetes. No configuration files. One command starts the full stack.

1

Install the hub

Runs ClickHouse, Kafka, the API, and the dashboard in Docker. Generates a random API key automatically.

2

Enrol an agent

Create an enrollment token in the dashboard, then run the one-liner on any target machine.

3

Watch flows arrive

Traffic appears in the live feed within seconds. Use the Flows page to search, filter, and investigate.

# Start the hub
$ curl -sSL https://netscope.ie/hub-quickstart.sh | sh

✓ Docker 29.4.0
✓ Files downloaded
✓ Images ready
→ Starting NetScope Hub...
✓ Dashboard ready at http://localhost

# Enrol an agent (copy from dashboard)
$ curl -sSL "http://localhost/install?token=..." | INTERFACE=eth0 sh

✓ Agent enrolled
✓ Heartbeat registered
→ Capturing on eth0...

Pricing

Start free.
Scale when you need to.

All plans include the desktop app, the capture agent, and the self-hosted hub.

Community

Free

forever · open source

  • Up to 10 agents
  • HTTP · DNS · TLS · ICMP · eBPF
  • Desktop app
  • Self-hosted hub
  • Community support
Get started →
Most popular

Team

$149

per month · billed annually

  • Up to 50 agents
  • Everything in Community
  • SSO (SAML · OIDC)
  • SCIM provisioning
  • Email + Slack alerts
  • 90-day retention
Contact sales →

Enterprise

Custom

volume · on-prem · SLAs

  • Unlimited agents
  • Everything in Team
  • Custom RBAC
  • PII redaction
  • OpenTelemetry export
  • Dedicated support & SLAs
Talk to us →