Skip to main content
Founding Customer: 50% off year 1 — first 50 customers · code FOUNDING50
NetInsightPro
Per-app data-egress control

See what your apps are sending. Stop the ones you don't trust.

Apps you trust open connections in the background — to servers you didn't pick, in countries you never approved. NetInsightPro names every app, shows where it sends data, and lets you cut the connection in one click.

Start free downloadEnterprise

No card · Windows / Linux / Android · Your data stays on your device

NetInsightProTenant: techprof
live
Apps observed (last 5 min)🔔 2 anomalies
chrome
google.com4.2 MB
slack
slack.com423 KB
cursor
openai.com25 KB
ollama
localhost1.8 MB
unknown
185.220.101.x73 KB
0+endpoints monitored
0.0%uptime SLA
0/7AI threat detection

Supported platforms & integrations

  • Windows 11
  • Windows Server 2022
  • Ubuntu 20.04+
  • Debian 12
  • Fedora 38+
  • Android 7.0+
  • macOS (soon)
  • WFP
  • Netfilter
  • VpnService
  • OCSF
  • SCIM 2.0
  • OIDC
  • .NET
  • Python
  • Node.js
The gap

What existing tools miss

The problem

  • Firewalls block ports, not apps
  • Wireshark shows packets but can't act
  • Cloud SIEMs see what they see, not what you lose

How NetInsightPro closes it

  • Per-app attribution at the kernel level
  • One-click block — instant, no reboot
  • Local-first: data stays on your device
AI-era threat detectionEarly Access

First per-app firewall that catches AI-powered worms

AI-augmented malware now queries ChatGPT and Claude during live attacks to generate recon commands and evade detection. NetInsightPro is the first per-app firewall with dedicated detection for LLM-orchestrated threats — at the network layer, without reading your prompts.

  • LLM API egress monitoring — alerts when malware queries ChatGPT/Claude/Gemini from non-browser processes
  • Lateral move detection — flags follow-up internal connections within 60s of LLM contact, signal of LLM-orchestrated reconnaissance (H5)
  • Swarm detection — escalates when 3+ hosts in your network show the same unknown process hash making LLM API calls within a 5-minute window (H7)
How detection worksEnterprise

  • Your network data stays on your device. Insight is local. Control is yours.

    — NetInsightPro design principle

  • AI threats need AI defense — on every endpoint, not in the cloud.

    — NetInsightPro design principle

  • Compliance is enforced, not promised. EU/UK data residency by default.

    — NetInsightPro design principle
Platform features

Six capabilities. One lightweight agent.

From raw packet attribution to enterprise SSO — all without sending your flow data to anyone.

Per-app visibility

Every outbound connection tagged to the process that opened it — not just the IP or port. See exactly which app is talking to which server.

Byte-level monitoring

Real-time byte counts, connection timelines, and destination breakdowns per app. Nothing is aggregated away.

Allow / block rules

One-click block any app at the kernel level. Rules persist on your device — no reboot, no service restart, no cloud sync required.

Enterprise

SIEM forwarder (OCSF)

Push structured OCSF events to your SIEM via webhook. Integrate with Splunk, Elastic, or any webhook-capable endpoint.

Hybrid

Hybrid deployment

Keep raw telemetry on your own infrastructure. Cloud sees only Ed25519-signed daily digests. BYO object storage + KMS.

License-only telemetry

The only signal we receive: your licence key + a hardware fingerprint hash. No flow data, no app names, no destinations — ever.

How NetInsightPro works

From endpoint signal to operator alert — one unified pipeline, fully on-host or hybrid.

  1. Data Sources
    Endpoints · Firewall · DNS
  2. Collectors
    On-host · Hybrid · Cloud
  3. Analytics Engine
    Stream · Enrich · Index
  4. Threat Detection
    Anomaly · AI-Worm · Lateral
  5. Dashboards & Alerts
    Per-tenant · SIEM · Pager
Intelligence layer

Anomaly detection on per-app egress.

Smart alerts fire when outbound bytes deviate from your 7-day EWMA baseline. Per-tenant threshold tuning via policy.

  • Flags the app, new destinations, and excess byte volume
  • Side-by-side baseline vs. spike comparison
  • One-click block + optional OCSF SIEM forwarding
See it in action
Dashboard

Real-software proof.

The same dashboard view — web admin for fleet ops, device client for personal control.

NetInsightPro web admin dashboard showing per-app egress monitoring
0apps monitored
0.0GB out today
0anomalies this week
0data leaks
Installersv1.0.0+38 · via /download
Build 38
Android 7.0+
arm64 · arm32 · x86_64
72.3 MB
Get installer →
Coming soon
macOS
Apple Silicon + Intel

All installers sha256-verified · account required · Download page →

LivePublished 6 Jun 2026
Windows
x64
Current
Version
v1.0.0+38
Size
12.0 MB
Built
Linux
x86_64
Current
Version
v1.0.0+38
Size
11.9 MB
Built
Android
arm64 · arm32 · x86_64
Current
Version
v1.0.0+38
Size
72.3 MB
Built
macOS
Apple Silicon + Intel
Soon
Version
Coming soon
Size
Built
sha256 —

Full SHA-256 manifest at releases.netinsightpro.com/latest.json · Download page

Security & compliance

Built for enterprise trust.

Security architecture

  • Ed25519-signed daily digests (Hybrid tier)
  • mTLS between agent and collector
  • RBAC — per-seat role enforcement
  • Immutable audit log
  • On-prem Hybrid deployment (your infra, your keys)
  • BYO KMS — encryption keys never leave your account

Compliance & standards

  • SOC 2 Type II (Enterprise)
  • SAML 2.0 / OIDC SSO
  • SCIM 2.0 provisioning
  • UK GDPR · EU GDPR
  • DORA · BSI C5 · NIS2 alignment (Hybrid)

No banned dates. SOC 2 Type II report available on request for Enterprise customers.

SIEM integration

Sample OCSF event forwarded to your SIEM

Network Activity · Established (class_uid 4001)
{
  "metadata": {
    "version": "1.3.0",
    "product": { "name": "NetInsightPro", "vendor_name": "NetInsightPro Ltd" }
  },
  "class_uid": 4001,
  "category_name": "Network Activity",
  "activity_name": "Established",
  "severity_id": 3,
  "time": 1717862400000,
  "src_endpoint": { "ip": "10.0.4.17", "hostname": "ws-eu-014" },
  "dst_endpoint": { "ip": "104.18.32.7", "hostname": "api.openai.com" },
  "connection_info": { "protocol_name": "tcp", "direction": "outbound" },
  "observables": [{ "name": "ai_threat_subtype", "value": "llm_exfil_suspect" }]
}
FAQ

Frequently asked questions

More questions? Email support or see the Glossary.

How we compare

NetInsightPro vs. the alternatives

Wireshark shows packets but cannot block. Firewalls block ports but cannot see which app sits behind them. Only NetInsightPro gives you per-app control across Windows, Linux, Android — plus enterprise SSO.

NetInsightPro vs. alternatives — feature comparison
ProductPer-app granularityWindowsLinuxmacOSAndroidReal-time blockingEnterprise SSOData stays local
NetInsightProSoon
Wireshark
Little Snitch
PortMaster
OpenSnitch

macOS support is in development (notarisation pending). Enterprise SSO = SAML 2.0 / OIDC built-in.

Start in 60 seconds. Your data never leaves.

Free tier — no account needed. Install and see your app traffic in minutes.

Start free downloadTalk to enterprise

No card required · Windows / Linux / Android · Your data stays on your device

NetInsightPro

See which apps are sending your data — and stop the ones you don't trust. Local-only, per-app, on the devices you already own.

TechProf Ltd
Suite 27 Chessington Business Centre
Cox Lane, Chessington
Surrey KT9 1SD, United Kingdom

Product

Legal

Support

© 2026 TechProf Ltd. NetInsightPro is a registered trademark of TechProf Ltd.

All systems operational
Made in the UKUK GDPR · EU GDPR · CCPA