Workforce analytics & insider-threat monitoring

Track smarter.
Perform better.

SpyTrax gives security and operations teams complete, consent-based visibility into how work happens — activity, attendance, screenshots, and data-exfiltration detection across every endpoint.

Start 14-day free trialExplore features

No credit card required · macOS · Windows · Linux

Runs natively on

macOS

12+ · Intel & Apple Silicon

Windows

10 / 11 · x64

Linux

Ubuntu, Debian, RHEL, Fedora

52

Data tables tracked

13

Monitoring services per device

16+

Configurable alert rules

3

Operating systems, one agent

One platform

Everything you need to understand and protect your workforce

From productivity analytics to insider-threat detection — a single lightweight agent feeds it all.

📊

Activity & Application Tracking

Understand exactly how work happens — apps, windows, and focus, classified automatically.

  • Active application & window-title tracking (30s flush)
  • Productive / neutral / unproductive auto-classification (816+ app patterns)
  • Keystroke & mouse-event counts (metadata only — never content)
🖥️

Live Monitoring & Screenshots

Real-time visibility into every workstation, with privacy-aware capture.

  • Live screen grid streamed over WebSocket
  • Full-screen live view per employee
  • Configurable screenshot interval (default 5 min)
⏱️

Attendance & Time Tracking

Automatic, accurate timesheets built from real activity — no manual punching.

  • Automatic login / logout & session tracking
  • Active vs idle time with configurable thresholds
  • Shift definitions, late check-in & overtime detection
🌐

Browser & Web Activity

See which sites and cloud tools your teams actually use.

  • Active tab URL & page title (Chrome, Firefox, Safari, Edge, Brave, Arc…)
  • Browser history ingestion & time-per-URL
  • Signed-in profile detection (personal vs work email)
🛡️

Insider-Threat & DLP

Catch data exfiltration and risky behavior before it becomes a breach.

  • USB insert/remove events with vendor, product & serial
  • USB file-copy detection with extension-based risk scoring
  • Cloud-upload detection via DNS cache inspection
💾

Asset & Software Inventory

A live inventory of every device and what's installed on it.

  • Device hardware fingerprinting (MAC, board serial, CPU, BIOS UUID)
  • Installed-software inventory with vendor & version
  • Install / uninstall / version-change changelog
🔔

Alerts & Automations

Configurable rules that route the right signal to the right people.

  • 16+ built-in alert rules (idle, after-hours, USB, VPN, threats…)
  • Severity levels with smart de-duplication
  • In-app, Email, Slack & Microsoft Teams delivery
📈

Reports & Productivity Analytics

Turn raw activity into decisions managers can act on.

  • Daily / weekly / monthly productivity scoring
  • Department & team comparison dashboards
  • Top applications & top URLs by time
See the full feature list →
Complete coverage

Capture every signal that matters

Twelve categories of telemetry, classified and correlated automatically — counts and metadata, never private content.

🪟Active app & window
⌨️Keystroke & mouse counts
📸Screenshots
🌐Browser URLs & history
⏱️Idle & active time
🔌USB device & file copies
🛰️VPN & IP changes
⚙️Running processes
📦Installed software
☁️Cloud uploads
🌙Sleep / wake events
🔑Login attempts
Live monitoring

See your whole team, in real time

A live screen grid streamed over WebSocket, with per-employee full-screen view, current app, and online status — all privacy-masked when you need it.

  • Real-time screenshot stream with configurable interval
  • Online / idle / offline presence at a glance
  • Current application & window title per person
  • Privacy masking and optional blur mode
Insider-threat & DLP

Catch data exfiltration as it happens

USB file copies, cloud uploads, suspicious processes, and VPN drops surface as severity-ranked alerts — routed to the people who need them.

  • Extension-based risk scoring on USB file copies
  • Cloud-upload detection via DNS-cache inspection
  • Known-threat process detection (mimikatz, netcat…)
  • Alerts to Slack, Teams, email & signed webhooks
How it works

Live in minutes, not weeks

01

Deploy the agent

Roll out a single ~8MB Go agent to macOS, Windows & Linux endpoints with native installers and auto-start services.

02

Data flows in

Activity, screenshots, attendance, and security events stream securely to your dashboard — buffered offline and encrypted in transit.

03

Act on insight

Watch live, get alerted on risky behavior, and export productivity reports that managers and auditors can actually use.

Why SpyTrax

One agent. Thirteen services. Zero blind spots.

A lightweight supervisor keeps every monitoring service running and visible — employees can see exactly what's active.

🧩

Security + productivity in one

Most tools do timesheets or DLP. SpyTrax does both from a single agent — so you stop paying for two platforms and stitching their data together.

💻

One agent, three operating systems

A single ~8MB Go binary covers macOS, Windows, and Linux with native APIs — no per-OS products, no feature gaps.

🤝

Transparent by default

Consent flows, a visible status app, and a clear 'never collected' list make SpyTrax something employees accept, not resent.

Deploys in minutes

Native installers and auto-start services mean you're collecting data the same afternoon — not running a quarter-long rollout.

Built for your team

One platform, many jobs to be done

Security, HR, operations, and compliance teams all run on the same source of truth.

🌍

Remote & hybrid teams

Keep distributed teams aligned with accurate, automatic timesheets and a clear picture of how the day was spent — without micromanaging.

🛡️

Insider-threat & DLP

Detect data exfiltration the moment it starts — USB copies, cloud uploads, and suspicious tooling — with severity-ranked alerts.

🎧

BPO & staff augmentation

Prove billable hours to clients with defensible activity records, screenshots, and exportable productivity reports.

⚖️

Compliance & regulated industries

Satisfy auditors with immutable logs, granular RBAC, retention controls, and built-in data-subject rights.

Explore solutions →
Trusted by teams

What security & ops leaders say

We replaced two separate tools — one for timesheets and one for DLP — with SpyTrax. The USB and cloud-upload alerts caught an exfiltration attempt in our first month.

Priya N.

Head of Information Security · Fintech, 600 seats

Our remote team's attendance used to be guesswork. Now it's automatic and fair, and managers finally trust the productivity numbers.

Marcus L.

VP of Operations · BPO, 1,200 seats

The consent flow and the clear 'what we never collect' list made the rollout painless. Our works council signed off without a fight.

Sofia R.

People Operations Lead · SaaS, 220 seats

Fits your stack

Connects to the tools you already use

Route alerts, export data, and provision users through the integrations your team relies on.

SlackMicrosoft TeamsEmail / SMTPCustom WebhooksREST APICSV / XLSXS3 / MinIOSSO / SAML
Ethical by design

Powerful monitoring — with privacy built in

SpyTrax captures metadata and counts, never private content. Consent, masking, and data-subject rights are first-class, not afterthoughts.

See our security & compliance →

What SpyTrax never collects

  • Actual keystrokes or typed text
  • Passwords
  • Banking page content
  • Incognito / private browsing
  • Camera or microphone
  • GPS / location
  • Personal photos & documents
  • Biometric data

Ready to see your workforce clearly?

Start a 14-day free trial — no credit card required. Invite your whole team and see results the same day.

Start free trialBook a demo