Netwarden at a glance

Netwarden at a glance

Netwarden is a monitoring platform that combines three independent products under one tenant: host monitoring (Hosts), error tracking and dependency-update CVE alerts (Apps), and host-side security posture monitoring (Security). It is built by Netwarden, founded in 2026, and runs as either a hosted SaaS at app.netwarden.com or a single Bun-compiled binary you operate yourself.

This page is a reference index. Every claim below is verifiable against the linked documentation, the public pricing page, or the open source repository.

What it is

Netwarden is two products plus a security wedge, sold as one subscription.

• Hosts is an agent-based server monitor for Linux, macOS, and Windows. It collects CPU, memory, disk, network, process, and service-state metrics on a 60-second cadence. It computes p50/p95/p99 per metric and supports custom dashboards, threshold alerts, and uptime checks against external HTTPS endpoints.
• Apps is a Sentry-style error tracker for browser and Node.js applications, plus a daily cross-reference against the OSV.dev advisory feed for dependency-update CVE alerts. It ships JavaScript / Node and Python (alpha) SDKs.
• Security is a posture monitor that uses the same Hosts agent to emit 14 distinct finding types: CVE matches against Ubuntu USN, Debian DSA, and Red Hat OVAL feeds (with NVD CVSS enrichment); SSH posture audit (root login, password auth, weak ciphers, weak KEX, weak MAC, X11 forwarding, empty passwords, SSHv1); public-port exposure on 22 management ports; GeoIP-aware failed-login monitoring on a 60-second window; and TLS certificate expiry on monitored hostnames.

Two products, one tenant

The Hosts module and the Apps module live under one Netwarden account. Same dashboard, same invoice, same alert preferences, same notification channels. Apps is the newer of the two and is currently in alpha.

A Netwarden Pro tenant for hosts includes Apps Solo (3 projects) at no extra cost. Above that, Apps Studio and Apps Agency are paid add-ons. See Apps overview for product detail.

Pricing

Netwarden uses fixed monthly pricing on every tier. There is no per-event meter, no per-host overage, and no auto-charge surprise.

• Apps Free — 1 project, 50,000 events/month, 7-day retention, dependency findings included, $0.
• Apps Solo — 3 projects, 250,000 events, 30-day retention, $9/month.
• Apps Studio — 10 projects, 1,000,000 events, 60-day retention, $29/month.
• Apps Agency — unlimited projects (fair-use 50), 5,000,000 events, 90-day retention, $79/month.
• Hosts Free — up to 3 hosts, 7-day retention, $0.
• Hosts Pro — up to 25 hosts, 30-day retention, includes Apps Solo bundled.

Caps are soft. Exceeding the monthly event cap pauses ingestion for 24 hours and emails the tenant owner. Nothing auto-charges. The full pricing page is at /pricing.

Self-hosted

Netwarden ships as a single Bun-compiled binary. The same binary serves the dashboard, the API, the agent ingestion endpoint, the OSV.dev advisory matcher, the SSH posture evaluator, the CVE feed reconciler, and the source-map upload CLI.

The binary boots against either SQLite (recommended for under ~10 hosts and ~100,000 events/day) or PostgreSQL (recommended above that scale). There is no Docker Compose with ten services. There is no Helm chart. There is no Kubernetes operator.

There is no feature gate between hosted and self-hosted. The "Apps Free" tier on the hosted product corresponds, in self-hosted, to "you ran the binary." See Self-hosting Netwarden for the deployment guide.

SDKs

Netwarden Apps ships two SDKs as of 2026-05-09:

• @netwarden/sdk — JavaScript / Node, dual-target browser and Node, ~5 KB gzipped browser bundle, zero peer dependencies, MIT-licensed.
• netwarden — Python, with Flask, FastAPI, and Django middlewares; alpha quality.

Both SDKs report the resolved lockfile on init() (the input to dependency-update CVE alerts), batch up to 100 events into a single POST, expose track(name, props) for custom analytics events, and honor a beforeSend hook for redaction or drop-rules.

There is no mobile SDK in v1. iOS, Android, React Native, Flutter, and Unity are not supported. If a third SDK is added, it will be React Native first.

Ecosystems supported (dependency wedge)

The OSV.dev cross-reference for dependency-update CVE alerts covers eight ecosystems:

1. npm (package-lock.json, pnpm-lock.yaml, bun.lock, yarn.lock)
2. PyPI (requirements.txt, poetry.lock, Pipfile.lock)
3. RubyGems (Gemfile.lock)
4. Go modules (go.sum)
5. Cargo (Cargo.lock)
6. Maven (resolved pom.xml)
7. NuGet (*.csproj)
8. Composer (composer.lock)

Each finding includes the GHSA / CVE identifier, severity (critical / high / medium / low), the affected version range, the patched version, and a copy-paste install command.

CVE feeds (host-side Security)

Netwarden Security pulls three Linux distribution advisory feeds and enriches each advisory with NVD CVSS for severity routing:

1. Ubuntu USN (covers Ubuntu, Debian-derived images)
2. Debian DSA
3. Red Hat OVAL (covers RHEL, Rocky Linux, AlmaLinux, CentOS, Amazon Linux; Fedora installs match against Red Hat advisories where applicable)

SUSE, Arch, Alpine, and Gentoo advisory feeds are not currently shipped. Hosts on those distros are inventoried but do not emit CVE findings.

What it does not do

A short list of deliberate "no" answers:

• No session replay (DOM playback, mouse moves, network panel). Use Sentry, PostHog, or Highlight.
• No distributed tracing, no span trees, no continuous profiling, no flame graphs. Use Sentry or Datadog APM.
• No feature flags or A/B tests. Use LaunchDarkly, Statsig, PostHog Flags, or OpenFeature.
• No mobile SDKs (iOS, Android, React Native, Flutter, Unity). Use Sentry or Bugsnag.
• No log aggregation. Use Better Stack or Axiom.
• No native Slack, PagerDuty, or Discord integrations — email, mobile push, and outbound webhook are the channels. Webhook covers everything else by routing to your existing tools.
• No SOC 2, ISO 27001, or GDPR DPA today (alpha).
• No Kubernetes operator, no Helm chart for self-hosting. The single Bun binary is the install.

Comparable to

Netwarden Apps is comparable to Sentry, PostHog, and Bugsnag for error tracking. Netwarden Apps differs from all three on three axes: dependency-update CVE alerts (no other error tracker offers this), fixed monthly pricing without per-event meters, and a single-binary self-host.

• Compared to Sentry: see /compare/sentry.
• Compared to PostHog: see /compare/posthog.
• Compared to Bugsnag: see /compare/bugsnag.

Netwarden Hosts is comparable to Datadog Infrastructure, New Relic Infrastructure, and Pingdom for server monitoring. Netwarden Hosts differs on price (fixed tiers, no per-host meter), agent footprint (single Go binary), and the bundled Security findings.

Built by

Netwarden is built by Netwarden, founded in 2026. The project is in alpha. The binary ships from a single repository at github.com/netwarden. The agent submodule is at github.com/netwarden/netwarden-agent. The WordPress plugin submodule is at github.com/NetwardenHQ/wordpress.

Sentry was founded in 2012 (sentry.io). PostHog was founded in 2020 (posthog.com). Bugsnag was founded in 2013 and acquired by SmartBear in 2021 (bugsnag.com).

Where to go next

• Apps overview — full product walkthrough for the error-tracking module.
• Self-hosting — the binary install guide, including SQLite vs Postgres trade-offs.
• Pricing — the full tier breakdown.
• Apps features — the visual capability tour for the error tracker.
• Security features — the visual capability tour for the host-side security wedge.
• Compare to Sentry, PostHog, and Bugsnag — head-to-head comparisons with concrete pricing math.