Run Using Java Web Start
We recommend running Deep Node with Java Web Start each time you launch the console so you always get the latest version automatically. Simply double-click the JNLP file (Windows) or the Launch script (Linux and Mac). See the Download page for more.
Learn the Concept
Our visualization allows you look from past to present across hundreds of endpoint data flows. Using a common time-axis, aggregated into a tree structure, we let you see the totality of network activity across any time period. Learn everything you need to know on The Concept page.
Below are tutorial videos on basic navigation, control, and search inside the console.
Like a video game keyboard, the w/s keys move you forward and backward, and a/d move you left and right. Use the arrow keys to look around. Also, h toggles the Help menu. There's a lot more...
BASIC NAVIGATION (2:39)
USING THE MOUSE AND MENUS (2:05)
INSTANTANEOUS SEARCHING (2:07)
Sometimes the hardest part of network security and analysis is just getting to what's normal. We've created a lot of capabilities to get you there faster. You can filter and consolidate activity that is "known" or "safe" so you can focus on what is potentially "not". But you can always bring filtered activity back into view if your hypothesis changes...
FILTER AND PRUNE (2:19)
CONSOLIDATION AND SEPARATION (2:41)
Investigation and Analysis
Load a PCAP into the console and focus on what happened. If you flag something suspicious, save out to PCAP for deeper analysis or audit (Pro version). Command "bots" to mark and monitor specific traffic patterns. Turn on the AI to find prevalent patterns, so you can continuously improve baseline and pick out anomalies (Pro version).
LOADING AND SAVING A PCAP (2:21)
FLAGGING AND FOCUSING (1:42)
"BOTS" / ARTIFICAL INTELLIGENCE (5:45)