Cybersecurity

Introducing ntop SBOM (Software BOM)
A Software Bill of Materials (SBOM) is a formal, machine-readable inventory that lists every component, library, and dependency included within a software application. Think of it as a digital “ingredient label” that tells you exactly what went into building the software, which versions are running, and where each piece originated. Typically, it documents: SBOMs are increasingly becoming a legal requirement. For instance, governments and strict regulatory frameworks (e.g. the U.S. Executive Order on Improving the Nation’s Cybersecurity and the EU Cyber Resilience Act) mandate that software vendors provide SBOMs to …
AI

Interop Tokyo 2026: Showcasing the Future of Network Visibility and AI
We just returned from an incredible week in Japan! Interop Tokyo 2026 is the region’s premier computing and networking event. This year’s experience exceeded all our expectations. Connecting with our vibrant community always fuels our passion. It helps us shape the future of network traffic analysis. Here is a look at what went down and what is coming next. A Sold-Out Seminar with Jupiter Technology We owe a massive thank you to our trusted partner, Jupiter Technology. Thanks to their support, we hosted a specialized seminar during the event. The …
AI

Previewing nAnalyst, the layer that finally explains your network
Today we have previewed out first AI-based tool named nAnalyst during out webinar taht we have run with support of the Alibaba Qwen team. This tool is designed to (finally) explain what happens in your network, and we’ll introduce it in September with bet starting on June 22nd. For those who missed the webinar can see the recording of the event. Below you can also find the presentation slides we have used today: Shall you be interested in providing us a feedback and willing to test nAnalyst beta, please fill …
nProbe

Observability: Enabling High-Resolution Timeseries in ntopng
Modern observability platforms are expected to answer questions that traditional monitoring systems were never designed to handle: Conventional network timeseries are excellent for long-term capacity planning and trend analysis, but they often smooth away the short-lived events that matter most during troubleshooting and incident analysis. With the introduction of High-Resolution Timeseries, ntopng closes this visibility gap by enabling historical traffic analysis at 15 second, or even lower, granularity, directly embedded into flow records.  Why High-Resolution Timeseries Matter Traditional flow records aggregate counters over the entire lifetime of a connection. While this approach …
News

ntop Summer Tour: Interop Japan, Italy, Greece, Norway, Croatia…
This summer we are touring to present all the latest development and enhancements to our tool suite. In particular we will be focusing on: For those who cannot meet us in person can follow us in webinars, but we definitively prefer to see you in person. Below you can see some of our 2026 summer tour dates and places: We would like to meet our community in person so we invite you to show up. We are planning to attend other events after the summer, so stay tuned for updates. …
Technologies and Trends

June 9th: Join us for the ntop AI Webinar
Artificial intelligence is now a mature technology that is changing everyday life. Observability and cybersecurity are not an exception. This webinar explains the ntop vision on using AI, what we have done, and what is the direction we have in mind. Main topics include: We’ll open with a short session on running LLMs locally — why it matters for ops teams, and how local open models like Qwen make this possible without sending your network data to third-party clouds. This is network intelligence that stays on your infrastructure and explains …
Announce

AI-Powered Network Monitoring: Introducing ntopng MCP Server
AI-Powered Network Monitoring: Introducing ntopng MCP Server for Headless Security Connect your network monitoring directly to AI assistants. Query ClickHouse flows, pull live host stats, and automate security investigations—all through natural language. Table of Contents What is MCP? Why Headless Network Security? Generate Your API Token Add ntopng to Claude Code Available Tools Use Cases: SOC Analysts Use Cases: Network Managers Security Best Practices Troubleshooting FAQ What is MCP? The Model Context Protocol (MCP) exposes ntopng’s network data and tools to AI assistants like Claude Code, Cursor, and VS Code …
cento

Post-Quantum Cryptography (PQC) Analysis
Modern digital security relies on public-key encryption (like RSA and ECC) to protect global data. The future arrival of a Cryptographically Relevant Quantum Computer (CRQC) will completely break these mathematical foundations. To counter this, organizations must migrate to Post-Quantum Cryptography (PQC) — new, math-based algorithms deployed via standard software that quantum computers cannot exploit. The PQC migration requires to protect data “at rest” (i.e. static data stored on physical drives, databases, cloud storage, or backups) and “in transit” (i.e. data transmitted on computer networks, including HTTPs and VPNs). In the latter case quantum …
Technologies and Trends

May 21st: You’re invited to Observability and Large-Network Monitoring Webinar
Is your network a “black box,” or do you have the granular clarity needed to stay ahead of modern traffic demands? We are excited to announce an upcoming two-part webinar focused on the latest enhancements to nProbe and ntopng. These updates are designed to push the boundaries of what’s possible in network monitoring, moving beyond simple statistics into the realm of true, high-fidelity observability. Here is what we will cover: Part 1: High-Resolution Observability Standard monitoring often misses the “micro-bursts” and transient issues that cause performance bottlenecks. We’ll demonstrate how our new enhancements …
Cybersecurity

Merging ntopng Asset Inventory with Wazuh
Wazuh is a free, open-source security platform that combines SIEM (Security Information and Event Management) and XDR (Extended Detection and Response) capabilities. It is primarily used to monitor endpoints, cloud workloads, and containers to detect threats, ensure compliance, and respond to incidents in real-time. Integrating Wazuh with ntopng creates a powerful security layer by bridging the gap between host-based and network-based monitoring. The core value of this integration lies in comprehensive visibility. While Wazuh excels at monitoring what happens inside a machine, ntopng excels at monitoring what happens between machines. …
ntopng

HowTo Enable Passkey in ntopng
Passkey authentication is a passwordless sign-in method that allows you to log in to websites and apps using the same way you unlock your device—such as a fingerprint, face scan, or a screen lock PIN. It is designed to replace traditional passwords entirely, offering a significantly more secure and faster experience. In ntopng, it can be enabled to implement a multi-factor authentication method. Passkey will only work if selected conditions are met: Similar to MFA, you can enable Passkey in the user’s configuration page. As Passkey is a kind of …

High-performance network traffic monitoring and analysis tools.

Explore
Newsletter
Subscribe