Skip to content


RockNSM is the premier sensor platform for Network Security Monitoring (NSM) hunting and incident response (IR) operations. ROCK is the open-source security distribution that prioritizes being:

  • Reliable
  • Scalable
  • Secure

Above all else, ROCK exists to aid the analyst in the fight to find the adversary.


If you're already familiar with building sensors you can jump straight into things in the Quickstart Guide.


See the Releases page for the latest info on ROCK 2.5.


About - project overview / background / dataflow

Install - requirements / install media / installation

Configure - configuring for your use case

Deploy - development via Ansible playbooks

Usage - basic usage overview and troubleshooting

Services - component directory and management info

Reference - concept / design, components / dataflow