View Live Demo
Enterprise-grade Network Detection & Response (NDR) platform with real-time threat visualization and advanced security analytics.
- Real-time Threat Map - Interactive world map showing live threat origins
- Operational Metrics - MTTR, SLA compliance, analyst workload
- Priority Incident Management - Automated severity classification
- Network Analytics - Deep packet inspection and traffic analysis
- Event Search - Advanced querying with filters and correlation
- Alert Investigation - MITRE ATT&CK framework integration
- Real-time Feed - Live event streaming with pause/resume
- SSL/TLS Analysis - Certificate inspection and JA3 fingerprinting
- File Analysis - YARA scanning and sandbox integration
- DNS Intelligence - Suspicious domain detection
- Threat Intelligence - IOC feeds and reputation scoring
- Edge Computing - Distributed processing with local buffering and detection
- SOAR Integration - Automated response playbooks
- SIEM Connectors - Integration with major SIEM platforms
- Asset Discovery - Automatic network inventory
Visit the live demo to explore all features with simulated data.
# Clone repository
git clone https://github.com/nutthakorn7/ndr.git
cd ndr/ui
# Install dependencies
npm install
# Start development server
npm run dev
# Open browser to http://localhost:5173

┌─────────────────────────────────────────────┐
│            React Frontend (Vite)            │
│  ┌──────────┐ ┌──────────┐ ┌─────────────┐  │
│  │Dashboard │ │Analytics │ │Threat Intel │  │
│  └──────────┘ └──────────┘ └─────────────┘  │
└────────────────┬────────────────────────────┘
                 │ REST API
┌────────────────┴────────────────────────────┐
│          Backend Services (Coming)          │
│  ┌──────────┐ ┌──────────┐ ┌─────────────┐  │
│  │Dashboard │ │   Zeek   │ │  Suricata   │  │
│  │API (Rust)│ │ Analysis │ │   IDS/IPS   │  │
│  └──────────┘ └──────────┘ └─────────────┘  │
└─────────────────────────────────────────────┘
Real-time operational metrics and global threat map
Traffic visualization and protocol analysis
Detailed alert context with MITRE ATT&CK mapping
Frontend:
- React 18 with Hooks
- Vite (build tool)
- Recharts (data visualization)
- Lucide React (icons)
- CSS3 (dark theme)
Backend:
- Rust (Axum, Tokio) - High-performance Microservices
- OpenSearch - Log Storage
- PostgreSQL - Metadata
- Redis - Caching & Queues
- Suricata - IDS/IPS Engine
- Tcpdump - Packet Capture
- Docker & Docker Compose
Frontend: Production-ready with real-time data
Backend: Full microservices stack integrated
Advanced: AI Analysis, Suricata IDS, & PCAP enabled
- All UI components
- Interactive dashboards
- Real-time data simulation
- Responsive design
- API endpoints (Dashboard, Asset, Auth)
- Real data pipeline (OpenSearch, Postgres)
- Authentication (JWT + API Key)
- WebSocket for real-time events
- Suricata IDS Integration
- Full Packet Capture (PCAP)
- Query Builder & Correlation Graph
- AI-Powered Analysis (Triage & Chat)
- Cloud Deployment (AWS/Azure/GCP)
- Multi-Tenancy Support
- Compliance Reporting (PCI-DSS, HIPAA)
- Advanced AI Agents (Autonomous Response)
- SSO / SAML Integration
- User Guide - Start Here! How to use the dashboard and features
- Management Server Installation - Complete server setup guide
- Sensor Installation - Deploy sensors on remote hosts
- Deployment Guide - How to deploy the demo
- API Integration - Backend integration guide
- Feature Gap Analysis - Roadmap details
Contributions are welcome! Please feel free to submit a Pull Request.
MIT License - see LICENSE file for details
- Inspired by enterprise SIEM/NDR platforms
- Built with modern web technologies
- Designed for SOC analysts
Made with ❤️ for the cybersecurity community
Star this repo if you find it useful!