We built NetNerve with a single uncompromising rule: the frontend is a suggestion — the backend is the law. Here's what that means for your data.
Your packet capture files are processed entirely in-memory. They are never written to disk, never stored in a database, and never accessible after analysis completes.
Files are streamed directly into the analysis pipeline and garbage collected immediately after results are returned.
All API keys, tokens, and credentials (OpenAI, Suricata, Stripe) exist only on the server. Nothing sensitive ever reaches the client-side code or browser.
We follow the principle: if it runs on the user's device, the secret is already leaked.
We do not log, analyze, or retain the contents of your packet captures for any purpose — including model training, analytics, or marketing.
Server logs contain only sanitized metadata: file size, processing time, and error codes. Never payload data.
NetNerve runs on isolated containers with read-only file systems. Network egress is restricted. The Suricata engine runs in a sandboxed process.
Deployed on Render with automatic TLS, DDoS protection, and zero-downtime deployments.
Every action that consumes resources — file uploads, AI generation, Suricata scans — is rate-limited per user and per IP to prevent abuse.
Free: 5/day. Pro: 50/day. Forensics: 200/day. Limits reset at midnight UTC.
Our codebase and detection rules are documented publicly. We believe security tools should be transparent about how they work.
Custom Suricata rules and MITRE mapping logic are documented in our /docs page.
We're happy to answer any questions about how we handle your data.