Arkime

Arkime is an open-source, large-scale packet capture and analysis system that stores and indexes network traffic, enabling security analysts to quickly investigate and respond to security incidents. It provides a web interface and APIs for browsing, searching, and exporting packet data, offering comprehensive network visibility.

The Polarity - Arkime integration empowers security analysts by providing instant, in-context access to Arkime's detailed network traffic data directly within their existing workflows. When analysts encounter network indicators, Polarity queries Arkime, delivering relevant packet information without requiring application switching. This streamlined process enhances contextual awareness, accelerates incident response, and improves overall analysis efficiency by centralizing crucial network visibility.

Examples

Arkime Data Overview

  • Summary: When first looking up information in Arkime, analysts can quickly see the number of Arkime sessions associated with an asset on the network.
  • Session Summary: When drilling into the details of an asset on the network, analysts can quickly get a payload summary, with context on the node, the time it was seen on the network, the protocol, and more.

Built By Polarity