add testing values for helm chart

Update README and fix broken links (#1846 )
* Update README with new structure and AI focus * Update AI section: AI-Powered Root Cause Analysis with agents * updated links * added an image to the API context * some fixes to the readme * Remove TODO comments - using real images * Fix broken MCP Registry links in mcp/README.md Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 01:30:23 +00:00 · 2026-02-25 13:03:32 +00:00 · 2026-02-13 15:43:04 -08:00 · 2026-02-11 11:27:37 -08:00 · 2026-02-10 10:40:48 -08:00 · 2026-02-09 13:39:33 -08:00
41 changed files with 3747 additions and 367 deletions
--- a/.github/workflows/mcp-publish.yml
+++ b/.github/workflows/mcp-publish.yml
@@ -0,0 +1,201 @@
 name: MCP Registry Publish
 on:
  workflow_call:
    inputs:
      release_tag:
        description: 'Release tag to publish (e.g., v52.13.0)'
        type: string
        required: true
  workflow_dispatch:
    inputs:
      dry_run:
        description: 'Dry run - generate server.json but skip actual publishing'
        type: boolean
        default: true
      release_tag:
        description: 'Release tag to publish (e.g., v52.13.0)'
        type: string
        required: true
 jobs:
  mcp-publish:
    name: Publish to MCP Registry
    runs-on: ubuntu-latest
    permissions:
      id-token: write  # Required for OIDC authentication with MCP Registry
      contents: read   # Required for checkout
    steps:
      - name: Check out the repo
        uses: actions/checkout@v4
      - name: Determine version
        id: version
        shell: bash
        run: |
          # inputs.release_tag works for both workflow_call and workflow_dispatch
          VERSION="${{ inputs.release_tag }}"
          echo "tag=${VERSION}" >> "$GITHUB_OUTPUT"
          echo "Publishing MCP server for version: ${VERSION}"
      - name: Download SHA256 files from release
        shell: bash
        run: |
          VERSION="${{ steps.version.outputs.tag }}"
          mkdir -p bin
          echo "Downloading SHA256 checksums from release ${VERSION}..."
          for platform in darwin_arm64 darwin_amd64 linux_arm64 linux_amd64 windows_amd64; do
            url="https://github.com/kubeshark/kubeshark/releases/download/${VERSION}/kubeshark-mcp_${platform}.mcpb.sha256"
            echo "  Fetching ${platform}..."
            if ! curl -sfL "${url}" -o "bin/kubeshark-mcp_${platform}.mcpb.sha256"; then
              echo "::warning::Failed to download SHA256 for ${platform}"
            fi
          done
          echo "Downloaded checksums:"
          ls -la bin/*.sha256 2>/dev/null || echo "No SHA256 files found"
      - name: Generate server.json
        shell: bash
        run: |
          VERSION="${{ steps.version.outputs.tag }}"
          CLEAN_VERSION="${VERSION#v}"
          # Read SHA256 hashes
          get_sha256() {
            local file="bin/kubeshark-mcp_$1.mcpb.sha256"
            if [ -f "$file" ]; then
              awk '{print $1}' "$file"
            else
              echo "HASH_NOT_FOUND"
            fi
          }
          DARWIN_ARM64_SHA256=$(get_sha256 "darwin_arm64")
          DARWIN_AMD64_SHA256=$(get_sha256 "darwin_amd64")
          LINUX_ARM64_SHA256=$(get_sha256 "linux_arm64")
          LINUX_AMD64_SHA256=$(get_sha256 "linux_amd64")
          WINDOWS_AMD64_SHA256=$(get_sha256 "windows_amd64")
          echo "SHA256 hashes:"
          echo "  darwin_arm64: ${DARWIN_ARM64_SHA256}"
          echo "  darwin_amd64: ${DARWIN_AMD64_SHA256}"
          echo "  linux_arm64:  ${LINUX_ARM64_SHA256}"
          echo "  linux_amd64:  ${LINUX_AMD64_SHA256}"
          echo "  windows_amd64: ${WINDOWS_AMD64_SHA256}"
          # Generate server.json using jq for proper formatting
          jq -n \
            --arg version "$CLEAN_VERSION" \
            --arg full_version "$VERSION" \
            --arg darwin_arm64_sha "$DARWIN_ARM64_SHA256" \
            --arg darwin_amd64_sha "$DARWIN_AMD64_SHA256" \
            --arg linux_arm64_sha "$LINUX_ARM64_SHA256" \
            --arg linux_amd64_sha "$LINUX_AMD64_SHA256" \
            --arg windows_amd64_sha "$WINDOWS_AMD64_SHA256" \
            '{
              "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
              "name": "io.github.kubeshark/mcp",
              "displayName": "Kubeshark",
              "description": "Real-time Kubernetes network traffic visibility and API analysis for HTTP, gRPC, Redis, Kafka, DNS.",
              "icon": "https://raw.githubusercontent.com/kubeshark/assets/refs/heads/master/logo/ico/icon.ico",
              "repository": { "url": "https://github.com/kubeshark/kubeshark", "source": "github" },
              "homepage": "https://kubeshark.com",
              "license": "Apache-2.0",
              "version": $version,
              "authors": [{ "name": "Kubeshark", "url": "https://kubeshark.com" }],
              "categories": ["kubernetes", "networking", "observability", "debugging", "security"],
              "tags": ["kubernetes", "network", "traffic", "api", "http", "grpc", "kafka", "redis", "dns", "pcap", "wireshark", "tcpdump", "observability", "debugging", "microservices"],
              "packages": [
                { "registryType": "mcpb", "identifier": ("https://github.com/kubeshark/kubeshark/releases/download/" + $full_version + "/kubeshark-mcp_darwin_arm64.mcpb"), "fileSha256": $darwin_arm64_sha, "transport": { "type": "stdio" } },
                { "registryType": "mcpb", "identifier": ("https://github.com/kubeshark/kubeshark/releases/download/" + $full_version + "/kubeshark-mcp_darwin_amd64.mcpb"), "fileSha256": $darwin_amd64_sha, "transport": { "type": "stdio" } },
                { "registryType": "mcpb", "identifier": ("https://github.com/kubeshark/kubeshark/releases/download/" + $full_version + "/kubeshark-mcp_linux_arm64.mcpb"), "fileSha256": $linux_arm64_sha, "transport": { "type": "stdio" } },
                { "registryType": "mcpb", "identifier": ("https://github.com/kubeshark/kubeshark/releases/download/" + $full_version + "/kubeshark-mcp_linux_amd64.mcpb"), "fileSha256": $linux_amd64_sha, "transport": { "type": "stdio" } },
                { "registryType": "mcpb", "identifier": ("https://github.com/kubeshark/kubeshark/releases/download/" + $full_version + "/kubeshark-mcp_windows_amd64.mcpb"), "fileSha256": $windows_amd64_sha, "transport": { "type": "stdio" } }
              ],
              "tools": [
                { "name": "check_kubeshark_status", "description": "Check if Kubeshark is currently running in the cluster.", "mode": "proxy" },
                { "name": "start_kubeshark", "description": "Deploy Kubeshark to the Kubernetes cluster. Requires --allow-destructive flag.", "mode": "proxy", "destructive": true },
                { "name": "stop_kubeshark", "description": "Remove Kubeshark from the Kubernetes cluster. Requires --allow-destructive flag.", "mode": "proxy", "destructive": true },
                { "name": "list_workloads", "description": "List pods, services, namespaces, and nodes with observed L7 traffic.", "mode": "all" },
                { "name": "list_api_calls", "description": "Query L7 API transactions (HTTP, gRPC, Redis, Kafka, DNS) with KFL filtering.", "mode": "all" },
                { "name": "get_api_call", "description": "Get detailed information about a specific API call including headers and body.", "mode": "all" },
                { "name": "get_api_stats", "description": "Get aggregated API statistics and metrics.", "mode": "all" },
                { "name": "list_l4_flows", "description": "List L4 (TCP/UDP) network flows with traffic statistics.", "mode": "all" },
                { "name": "get_l4_flow_summary", "description": "Get L4 connectivity summary including top talkers and cross-namespace traffic.", "mode": "all" },
                { "name": "list_snapshots", "description": "List all PCAP snapshots.", "mode": "all" },
                { "name": "create_snapshot", "description": "Create a new PCAP snapshot of captured traffic.", "mode": "all" },
                { "name": "get_dissection_status", "description": "Check L7 protocol parsing status.", "mode": "all" },
                { "name": "enable_dissection", "description": "Enable L7 protocol dissection.", "mode": "all" },
                { "name": "disable_dissection", "description": "Disable L7 protocol dissection.", "mode": "all" }
              ],
              "prompts": [
                { "name": "analyze_traffic", "description": "Analyze API traffic patterns and identify issues" },
                { "name": "find_errors", "description": "Find and summarize API errors and failures" },
                { "name": "trace_request", "description": "Trace a request path through microservices" },
                { "name": "show_topology", "description": "Show service communication topology" },
                { "name": "latency_analysis", "description": "Analyze latency patterns and identify slow endpoints" },
                { "name": "security_audit", "description": "Audit traffic for security concerns" },
                { "name": "compare_traffic", "description": "Compare traffic patterns between time periods" },
                { "name": "debug_connection", "description": "Debug connectivity issues between services" }
              ],
              "configuration": {
                "properties": {
                  "url": { "type": "string", "description": "Direct URL to Kubeshark Hub (e.g., https://kubeshark.example.com). When set, connects directly without kubectl/proxy.", "examples": ["https://kubeshark.example.com", "http://localhost:8899"] },
                  "kubeconfig": { "type": "string", "description": "Path to kubeconfig file for proxy mode.", "examples": ["~/.kube/config", "/path/to/.kube/config"] },
                  "allow-destructive": { "type": "boolean", "description": "Enable destructive operations (start_kubeshark, stop_kubeshark). Default: false for safety.", "default": false }
                }
              },
              "modes": {
                "url": { "description": "Connect directly to an existing Kubeshark deployment via URL. Cluster management tools are disabled.", "args": ["mcp", "--url", "${url}"] },
                "proxy": { "description": "Connect via kubectl port-forward. Requires kubeconfig access to the cluster.", "args": ["mcp", "--kubeconfig", "${kubeconfig}"] },
                "proxy-destructive": { "description": "Proxy mode with destructive operations enabled.", "args": ["mcp", "--kubeconfig", "${kubeconfig}", "--allow-destructive"] }
              }
            }' > mcp/server.json
          echo ""
          echo "Generated server.json:"
          cat mcp/server.json
      - name: Install mcp-publisher
        shell: bash
        run: |
          echo "Installing mcp-publisher..."
          curl -sfL "https://github.com/modelcontextprotocol/registry/releases/latest/download/mcp-publisher_linux_amd64.tar.gz" | tar xz
          chmod +x mcp-publisher
          sudo mv mcp-publisher /usr/local/bin/
          echo "mcp-publisher installed successfully"
      - name: Login to MCP Registry
        if: github.event_name != 'workflow_dispatch' || github.event.inputs.dry_run != 'true'
        shell: bash
        run: mcp-publisher login github
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Publish to MCP Registry
        if: github.event_name != 'workflow_dispatch' || github.event.inputs.dry_run != 'true'
        shell: bash
        run: |
          cd mcp
          echo "Publishing to MCP Registry..."
          if ! mcp-publisher publish; then
            echo "::error::Failed to publish to MCP Registry"
            exit 1
          fi
          echo "Successfully published to MCP Registry"
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Dry-run summary
        if: github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true'
        shell: bash
        run: |
          echo "=============================================="
          echo "DRY RUN - Would publish the following server.json"
          echo "=============================================="
          cat mcp/server.json
          echo ""
          echo "=============================================="
          echo "SHA256 checksums downloaded:"
          echo "=============================================="
          cat bin/*.sha256 2>/dev/null || echo "No SHA256 files found"
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -43,6 +43,23 @@ jobs:
        run: |
          echo '${{ steps.version.outputs.tag }}' >> bin/version.txt
      - name: Create MCP Registry artifacts
        shell: bash
        run: |
          cd bin
          # Create .mcpb copies for MCP Registry (URL must contain "mcp")
          for f in kubeshark_linux_amd64 kubeshark_linux_arm64 kubeshark_darwin_amd64 kubeshark_darwin_arm64; do
            if [ -f "$f" ]; then
              cp "$f" "${f/kubeshark_/kubeshark-mcp_}.mcpb"
              shasum -a 256 "${f/kubeshark_/kubeshark-mcp_}.mcpb" > "${f/kubeshark_/kubeshark-mcp_}.mcpb.sha256"
            fi
          done
          # Handle Windows executable
          if [ -f "kubeshark.exe" ]; then
            cp kubeshark.exe kubeshark-mcp_windows_amd64.mcpb
            shasum -a 256 kubeshark-mcp_windows_amd64.mcpb > kubeshark-mcp_windows_amd64.mcpb.sha256
          fi
      - name: Release
        uses: ncipollo/release-action@v1
        with:
@@ -52,16 +69,9 @@ jobs:
          prerelease: false
          bodyFile: 'bin/README.md'
-  brew:
+  mcp-publish:
-    name: Publish a new Homebrew formulae
+    name: Publish to MCP Registry
    needs: [release]
-    runs-on: ubuntu-latest
+    uses: ./.github/workflows/mcp-publish.yml
-    steps:
+    with:
-      - name: Bump core homebrew formula
+      release_tag: ${{ needs.release.outputs.version }}
        uses: mislav/bump-homebrew-formula-action@v3
        with:
          # A PR will be sent to github.com/Homebrew/homebrew-core to update this formula:
          formula-name: kubeshark
          push-to: kubeshark/homebrew-core
        env:
          COMMITTER_TOKEN: ${{ secrets.COMMITTER_TOKEN }}
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -7,7 +7,7 @@ Please read and follow the guidelines below.
 ## Communication
-* Before starting work on a major feature, please reach out to us via [GitHub](https://github.com/kubeshark/kubeshark), [Discord](https://discord.gg/WkvRGMUcx7), [Slack](https://join.slack.com/t/kubeshark/shared_invite/zt-1k3sybpq9-uAhFkuPJiJftKniqrGHGhg), [email](mailto:info@kubeshark.co), etc. We will make sure no one else is already working on it. A _major feature_ is defined as any change that is > 100 LOC altered (not including tests), or changes any user-facing behavior
+* Before starting work on a major feature, please reach out to us via [GitHub](https://github.com/kubeshark/kubeshark), [Discord](https://discord.gg/WkvRGMUcx7), [Slack](https://join.slack.com/t/kubeshark/shared_invite/zt-1k3sybpq9-uAhFkuPJiJftKniqrGHGhg), [email](mailto:info@kubeshark.com), etc. We will make sure no one else is already working on it. A _major feature_ is defined as any change that is > 100 LOC altered (not including tests), or changes any user-facing behavior
 * Small patches and bug fixes don't need prior communication.
 ## Contribution Requirements
--- a/78
+++ b/78
@@ -74,6 +74,69 @@ clean: ## Clean all build artifacts.
 test: ## Run cli tests.
 	@go test ./... -coverpkg=./... -race -coverprofile=coverage.out -covermode=atomic
 test-integration: ## Run integration tests (requires Kubernetes cluster).
 	@echo "Running integration tests..."
 	@LOG_FILE=$$(mktemp /tmp/integration-test.XXXXXX.log); \
 	go test -tags=integration -timeout $${INTEGRATION_TIMEOUT:-5m} -v ./integration/... 2>&1 | tee $$LOG_FILE; \
 	status=$$?; \
 	echo ""; \
 	echo "========================================"; \
 	echo "         INTEGRATION TEST SUMMARY"; \
 	echo "========================================"; \
 	grep -E "^(--- PASS|--- FAIL|--- SKIP)" $$LOG_FILE || true; \
 	echo "----------------------------------------"; \
 	pass=$$(grep -c "^--- PASS" $$LOG_FILE 2>/dev/null || true); \
 	fail=$$(grep -c "^--- FAIL" $$LOG_FILE 2>/dev/null || true); \
 	skip=$$(grep -c "^--- SKIP" $$LOG_FILE 2>/dev/null || true); \
 	echo "PASSED:  $${pass:-0}"; \
 	echo "FAILED:  $${fail:-0}"; \
 	echo "SKIPPED: $${skip:-0}"; \
 	echo "========================================"; \
 	rm -f $$LOG_FILE; \
 	exit $$status
 test-integration-mcp: ## Run only MCP integration tests.
 	@echo "Running MCP integration tests..."
 	@LOG_FILE=$$(mktemp /tmp/integration-test.XXXXXX.log); \
 	go test -tags=integration -timeout $${INTEGRATION_TIMEOUT:-5m} -v ./integration/ -run "MCP" 2>&1 | tee $$LOG_FILE; \
 	status=$$?; \
 	echo ""; \
 	echo "========================================"; \
 	echo "         INTEGRATION TEST SUMMARY"; \
 	echo "========================================"; \
 	grep -E "^(--- PASS|--- FAIL|--- SKIP)" $$LOG_FILE || true; \
 	echo "----------------------------------------"; \
 	pass=$$(grep -c "^--- PASS" $$LOG_FILE 2>/dev/null || true); \
 	fail=$$(grep -c "^--- FAIL" $$LOG_FILE 2>/dev/null || true); \
 	skip=$$(grep -c "^--- SKIP" $$LOG_FILE 2>/dev/null || true); \
 	echo "PASSED:  $${pass:-0}"; \
 	echo "FAILED:  $${fail:-0}"; \
 	echo "SKIPPED: $${skip:-0}"; \
 	echo "========================================"; \
 	rm -f $$LOG_FILE; \
 	exit $$status
 test-integration-short: ## Run quick integration tests (skips long-running tests).
 	@echo "Running quick integration tests..."
 	@LOG_FILE=$$(mktemp /tmp/integration-test.XXXXXX.log); \
 	go test -tags=integration -timeout $${INTEGRATION_TIMEOUT:-2m} -short -v ./integration/... 2>&1 | tee $$LOG_FILE; \
 	status=$$?; \
 	echo ""; \
 	echo "========================================"; \
 	echo "         INTEGRATION TEST SUMMARY"; \
 	echo "========================================"; \
 	grep -E "^(--- PASS|--- FAIL|--- SKIP)" $$LOG_FILE || true; \
 	echo "----------------------------------------"; \
 	pass=$$(grep -c "^--- PASS" $$LOG_FILE 2>/dev/null || true); \
 	fail=$$(grep -c "^--- FAIL" $$LOG_FILE 2>/dev/null || true); \
 	skip=$$(grep -c "^--- SKIP" $$LOG_FILE 2>/dev/null || true); \
 	echo "PASSED:  $${pass:-0}"; \
 	echo "FAILED:  $${fail:-0}"; \
 	echo "SKIPPED: $${skip:-0}"; \
 	echo "========================================"; \
 	rm -f $$LOG_FILE; \
 	exit $$status
 lint: ## Lint the source code.
 	golangci-lint run
@@ -84,8 +147,10 @@ kubectl-view-kubeshark-resources: ## This command outputs all Kubernetes resourc
 	./kubectl.sh view-kubeshark-resources
 generate-helm-values: ## Generate the Helm values from config.yaml
-	mv ~/.kubeshark/config.yaml ~/.kubeshark/config.yaml.old; bin/kubeshark__ config>helm-chart/values.yaml;mv ~/.kubeshark/config.yaml.old ~/.kubeshark/config.yaml
+# 	[ -f ~/.kubeshark/config.yaml ] && mv ~/.kubeshark/config.yaml ~/.kubeshark/config.yaml.old
-	sed -i 's/^license:.*/license: ""/' helm-chart/values.yaml && sed -i '1i # find a detailed description here: https://github.com/kubeshark/kubeshark/blob/master/helm-chart/README.md' helm-chart/values.yaml 
+	bin/kubeshark__ config>helm-chart/values.yaml
 # 	[ -f ~/.kubeshark/config.yaml.old ] && mv ~/.kubeshark/config.yaml.old ~/.kubeshark/config.yaml
 # 	sed -i 's/^license:.*/license: ""/' helm-chart/values.yaml && sed -i '1i # find a detailed description here: https://github.com/kubeshark/kubeshark/blob/master/helm-chart/README.md' helm-chart/values.yaml 
 generate-manifests: ## Generate the manifests from the Helm chart using default configuration
 	helm template kubeshark -n default ./helm-chart > ./manifests/complete.yaml
@@ -189,8 +254,8 @@ release:
 	@make generate-helm-values && make generate-manifests
 	@git add -A . && git commit -m ":bookmark: Bump the Helm chart version to $(VERSION)" && git push
 	@git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags
-	@cd helm-chart && rm -rf ../../kubeshark.github.io/charts/chart && mkdir ../../kubeshark.github.io/charts/chart && cp -r . ../../kubeshark.github.io/charts/chart/
+	@rm -rf ../kubeshark.github.io/charts/chart && mkdir ../kubeshark.github.io/charts/chart && cp -r helm-chart/ ../kubeshark.github.io/charts/chart/
-	@cd ../../kubeshark.github.io/ && git add -A . && git commit -m ":sparkles: Update the Helm chart" && git push
+	@cd ../kubeshark.github.io/ && git add -A . && git commit -m ":sparkles: Update the Helm chart" && git push
 	@cd ../kubeshark
 release-dry-run:
@@ -198,11 +263,14 @@ release-dry-run:
 	@cd ../tracer && git checkout master && git pull 
 	@cd ../hub && git checkout master && git pull
 	@cd ../front && git checkout master && git pull 
-	@cd ../kubeshark && git checkout master && git pull && sed -i "s/^version:.*/version: \"$(shell echo $(VERSION) | sed -E 's/^([0-9]+\.[0-9]+\.[0-9]+)\..*/\1/')\"/" helm-chart/Chart.yaml && make
+	@cd ../kubeshark && sed -i "s/^version:.*/version: \"$(shell echo $(VERSION) | sed -E 's/^([0-9]+\.[0-9]+\.[0-9]+)\..*/\1/')\"/" helm-chart/Chart.yaml && make
 	@if [ "$(shell uname)" = "Darwin" ]; then \
 		codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/kubeshark__; \
 	fi
 	@make generate-helm-values && make generate-manifests
 	@rm -rf ../kubeshark.github.io/charts/chart && mkdir ../kubeshark.github.io/charts/chart && cp -r helm-chart/ ../kubeshark.github.io/charts/chart/
 	@cd ../kubeshark.github.io/
 	@cd ../kubeshark
 branch:
 	@cd ../worker && git checkout master && git pull && git checkout -b $(name); git push --set-upstream origin $(name)
--- a/README.md
+++ b/README.md
@@ -1,86 +1,132 @@
 <p align="center">
-  <img src="https://raw.githubusercontent.com/kubeshark/assets/master/svg/kubeshark-logo.svg" alt="Kubeshark: Traffic analyzer for Kubernetes." height="128px"/>
+  <img src="https://raw.githubusercontent.com/kubeshark/assets/master/svg/kubeshark-logo.svg" alt="Kubeshark" height="120px"/>
 </p>
 <p align="center">
-    <a href="https://github.com/kubeshark/kubeshark/releases/latest">
+    <a href="https://github.com/kubeshark/kubeshark/releases/latest"><img alt="Release" src="https://img.shields.io/github/v/release/kubeshark/kubeshark?logo=GitHub&style=flat-square"></a>
-        <img alt="GitHub Latest Release" src="https://img.shields.io/github/v/release/kubeshark/kubeshark?logo=GitHub&style=flat-square">
+    <a href="https://hub.docker.com/r/kubeshark/worker"><img alt="Docker pulls" src="https://img.shields.io/docker/pulls/kubeshark/worker?color=%23099cec&logo=Docker&style=flat-square"></a>
-    </a>
+    <a href="https://discord.gg/WkvRGMUcx7"><img alt="Discord" src="https://img.shields.io/discord/1042559155224973352?logo=Discord&style=flat-square&label=discord"></a>
-    <a href="https://hub.docker.com/r/kubeshark/worker">
+    <a href="https://join.slack.com/t/kubeshark/shared_invite/zt-3jdcdgxdv-1qNkhBh9c6CFoE7bSPkpBQ"><img alt="Slack" src="https://img.shields.io/badge/slack-join_chat-green?logo=Slack&style=flat-square"></a>
      <img alt="Docker pulls" src="https://img.shields.io/docker/pulls/kubeshark/worker?color=%23099cec&logo=Docker&style=flat-square">
    </a>
    <a href="https://hub.docker.com/r/kubeshark/worker">
      <img alt="Image size" src="https://img.shields.io/docker/image-size/kubeshark/kubeshark/latest?logo=Docker&style=flat-square">
    </a>
    <a href="https://discord.gg/WkvRGMUcx7">
      <img alt="Discord" src="https://img.shields.io/discord/1042559155224973352?logo=Discord&style=flat-square&label=discord">
    </a>
    <a href="https://join.slack.com/t/kubeshark/shared_invite/zt-1m90td3n7-VHxN_~V5kVp80SfQW3SfpA">
      <img alt="Slack" src="https://img.shields.io/badge/slack-join_chat-green?logo=Slack&style=flat-square&label=slack">
    </a>
 </p>
 <p align="center"><b>Network Intelligence for Kubernetes</b></p>
 <p align="center">
-  <b>
+  <a href="https://demo.kubeshark.com/">Live Demo</a> · <a href="https://docs.kubeshark.com">Docs</a>
    Want to see Kubeshark in action right now? Visit this
    <a href="https://demo.kubeshark.co/">live demo deployment</a> of Kubeshark.
  </b>
 </p>
-**Kubeshark** is a network observability platform for Kubernetes, providing real-time, cluster-wide visibility into Kubernetes’ network. It enables users to inspect all internal and external cluster communications, API calls, and data in transit. Additionally, Kubeshark detects anomalies and emergent behaviors, trigger autonomous remediations, and generate deep network insights.
+---
-![Simple UI](https://github.com/kubeshark/assets/raw/master/png/kubeshark-ui.png)
+* **Cluster-wide, real-time visibility into every packet, API call, and service interaction.** 
 * Replay any moment in time. 
 * Resolve incidents at the speed of LLMs. 100% on-premises.
-Think [TCPDump](https://en.wikipedia.org/wiki/Tcpdump) and [Wireshark](https://www.wireshark.org/) reimagined for Kubernetes.
+![Kubeshark](https://github.com/kubeshark/assets/raw/master/png/stream.png)
-#### Service-Map w/Kubernetes Context
+---
-![Service Map with Kubernetes Context](https://github.com/kubeshark/assets/raw/master/png/kubeshark-servicemap.png)
+## Get Started
-#### Cluster-Wide PCAP Recording
+```bash
-
+helm repo add kubeshark https://helm.kubeshark.com
 ![Cluster-Wide PCAP Recording](https://github.com/kubeshark/assets/raw/master/png/pcap-recording.png)
 ## Getting Started
 Download **Kubeshark**'s binary distribution [latest release](https://github.com/kubeshark/kubeshark/releases/latest) or use one of the following methods to deploy **Kubeshark**. The [web-based dashboard](https://docs.kubeshark.co/en/ui) should open in your browser, showing a real-time view of your cluster's traffic.
 ### Homebrew
 [Homebrew](https://brew.sh/) :beer: users can install the Kubeshark CLI with:
 ```shell
 brew install kubeshark
 kubeshark tap
 ```
 To clean up:
 ```shell
 kubeshark clean
 ```
 ### Helm
 Add the Helm repository and install the chart:
 ```shell
 helm repo add kubeshark https://helm.kubeshark.co
 helm install kubeshark kubeshark/kubeshark
 ```
 Follow the on-screen instructions how to connect to the dashboard.
-To clean up:
+Dashboard opens automatically. You're capturing traffic.
-```shell
+
-helm uninstall kubeshark
+**With AI** — connect your assistant and debug with natural language:
 ```bash
 brew install kubeshark
 claude mcp add kubeshark -- kubeshark mcp
 ```
-## Building From Source
+> *"Why did checkout fail at 2:15 PM?"*
 > *"Which services have error rates above 1%?"*
-Clone this repository and run the `make` command to build it. After the build is complete, the executable can be found at `./bin/kubeshark`.
+[MCP setup guide →](https://docs.kubeshark.com/en/mcp)
-## Documentation
+---
-To learn more, read the [documentation](https://docs.kubeshark.co).
+## Why Kubeshark
 - **Instant root cause** — trace requests across services, see exact errors
 - **Zero instrumentation** — no code changes, no SDKs, just deploy
 - **Full payload capture** — request/response bodies, headers, timing
 - **TLS decryption** — see encrypted traffic without managing keys
 - **AI-ready** — query traffic with natural language via MCP
 ---
 ### Traffic Analysis and API Dissection
 Capture and inspect every API call across your cluster—HTTP, gRPC, Redis, Kafka, DNS, and more. Request/response matching with full payloads, parsed according to protocol specifications. Headers, timing, and complete context. Zero instrumentation required.
 ![API context](https://github.com/kubeshark/assets/raw/master/png/api_context.png)
 [Learn more →](https://docs.kubeshark.com/en/v2/l7_api_dissection)
 ### L4/L7 Workload Map
 Visualize how your services communicate. See dependencies, traffic flow, and identify anomalies at a glance.
 ![Service Map](https://github.com/kubeshark/assets/raw/master/png/servicemap.png)
 [Learn more →](https://docs.kubeshark.com/en/v2/service_map)
 ### AI-Powered Root Cause Analysis
 Resolve production issues in minutes instead of hours. Connect your AI assistant and investigate incidents using natural language. Build network-aware AI agents for forensics, monitoring, compliance, and security.
 > *"Why did checkout fail at 2:15 PM?"*
 > *"Which services have error rates above 1%?"*
 > *"Trace request abc123 through all services"*
 Works with Claude Code, Cursor, and any MCP-compatible AI.
 [MCP setup guide →](https://docs.kubeshark.com/en/mcp)
 ### Traffic Retention
 Retain every packet. Take snapshots. Export PCAP files. Replay any moment in time.
 ![Traffic Retention](https://github.com/kubeshark/assets/raw/master/png/snapshots.png)
 [Snapshots guide →](https://docs.kubeshark.com/en/v2/traffic_snapshots)
 ---
 ## Features
 | Feature | Description |
 |---------|-------------|
 | [**Raw Capture**](https://docs.kubeshark.com/en/v2/raw_capture) | Continuous cluster-wide packet capture with minimal overhead |
 | [**Traffic Snapshots**](https://docs.kubeshark.com/en/v2/traffic_snapshots) | Point-in-time snapshots, export as PCAP for Wireshark |
 | [**L7 API Dissection**](https://docs.kubeshark.com/en/v2/l7_api_dissection) | Request/response matching with full payloads and protocol parsing |
 | [**Protocol Support**](https://docs.kubeshark.com/en/protocols) | HTTP, gRPC, GraphQL, Redis, Kafka, DNS, and more |
 | [**TLS Decryption**](https://docs.kubeshark.com/en/encrypted_traffic) | eBPF-based decryption without key management |
 | [**AI-Powered Analysis**](https://docs.kubeshark.com/en/v2/ai_powered_analysis) | Query traffic with Claude, Cursor, or any MCP-compatible AI |
 | [**Display Filters**](https://docs.kubeshark.com/en/v2/kfl2) | Wireshark-inspired display filters for precise traffic analysis |
 | [**100% On-Premises**](https://docs.kubeshark.com/en/air_gapped) | Air-gapped support, no external dependencies |
 ---
 ## Install
 | Method | Command |
 |--------|---------|
 | Helm | `helm repo add kubeshark https://helm.kubeshark.com && helm install kubeshark kubeshark/kubeshark` |
 | Homebrew | `brew install kubeshark && kubeshark tap` |
 | Binary | [Download](https://github.com/kubeshark/kubeshark/releases/latest) |
 [Installation guide →](https://docs.kubeshark.com/en/install)
 ---
 ## Contributing
-We :heart: pull requests! See [CONTRIBUTING.md](CONTRIBUTING.md) for the contribution guide.
+We welcome contributions. See [CONTRIBUTING.md](CONTRIBUTING.md).
 ## License
 [Apache-2.0](LICENSE)
--- a/cmd/mcp.go
+++ b/cmd/mcp.go
@@ -0,0 +1,125 @@
 package cmd
 import (
 	"github.com/kubeshark/kubeshark/config"
 	"github.com/spf13/cobra"
 )
 var mcpURL string
 var mcpKubeconfig string
 var mcpListTools bool
 var mcpConfig bool
 var mcpAllowDestructive bool
 var mcpCmd = &cobra.Command{
 	Use:   "mcp",
 	Short: "Run MCP (Model Context Protocol) server for AI assistant integration",
 	Long: `Run an MCP server over stdio that exposes Kubeshark's L7 API visibility
 to AI assistants like Claude Desktop.
 TOOLS PROVIDED:
 Cluster Management (work without Kubeshark running):
  - check_kubeshark_status: Check if Kubeshark is running in the cluster
  - start_kubeshark: Start Kubeshark to capture traffic
  - stop_kubeshark: Stop Kubeshark and clean up resources
 Traffic Analysis (require Kubeshark running):
  - list_workloads: Discover pods, services, namespaces, and nodes with L7 traffic
  - list_api_calls: Query L7 API transactions (HTTP, gRPC, etc.)
  - get_api_call: Get detailed information about a specific API call
  - get_api_stats: Get aggregated API statistics
 CONFIGURATION:
 To use with Claude Desktop, add to your claude_desktop_config.json
 (typically at ~/Library/Application Support/Claude/claude_desktop_config.json):
  {
    "mcpServers": {
      "kubeshark": {
        "command": "/path/to/kubeshark",
        "args": ["mcp", "--kubeconfig", "/Users/YOUR_USERNAME/.kube/config"]
      }
    }
  }
 DIRECT URL MODE:
 If Kubeshark is already running and accessible via URL (e.g., exposed via ingress),
 you can connect directly without needing kubectl/kubeconfig:
  {
    "mcpServers": {
      "kubeshark": {
        "command": "/path/to/kubeshark",
        "args": ["mcp", "--url", "https://kubeshark.example.com"]
      }
    }
  }
 In URL mode, destructive tools (start/stop) are disabled since Kubeshark is
 managed externally. The check_kubeshark_status tool remains available to confirm connectivity.
 DESTRUCTIVE OPERATIONS:
 By default, destructive operations (start_kubeshark, stop_kubeshark) are disabled
 to prevent accidental cluster modifications. To enable them, use --allow-destructive:
  {
    "mcpServers": {
      "kubeshark": {
        "command": "/path/to/kubeshark",
        "args": ["mcp", "--allow-destructive", "--kubeconfig", "/path/to/.kube/config"]
      }
    }
  }
 CUSTOM SETTINGS:
 To use custom settings when starting Kubeshark, use the --set flag:
  {
    "mcpServers": {
      "kubeshark": {
        "command": "/path/to/kubeshark",
        "args": ["mcp", "--set", "tap.docker.tag=v52.3"],
        ...
      }
    }
  }
 Multiple --set flags can be used for different settings.`,
 	RunE: func(cmd *cobra.Command, args []string) error {
 		// Handle --mcp-config flag
 		if mcpConfig {
 			printMCPConfig(mcpURL, mcpKubeconfig)
 			return nil
 		}
 		// Set kubeconfig path if provided
 		if mcpKubeconfig != "" {
 			config.Config.Kube.ConfigPathStr = mcpKubeconfig
 		}
 		// Handle --list-tools flag
 		if mcpListTools {
 			listMCPTools(mcpURL)
 			return nil
 		}
 		setFlags, _ := cmd.Flags().GetStringSlice(config.SetCommandName)
 		runMCPWithConfig(setFlags, mcpURL, mcpAllowDestructive)
 		return nil
 	},
 }
 func init() {
 	rootCmd.AddCommand(mcpCmd)
 	mcpCmd.Flags().StringVar(&mcpURL, "url", "", "Direct URL to Kubeshark (e.g., https://kubeshark.example.com). When set, connects directly without kubectl/proxy and disables start/stop tools.")
 	mcpCmd.Flags().StringVar(&mcpKubeconfig, "kubeconfig", "", "Path to kubeconfig file (e.g., /Users/me/.kube/config)")
 	mcpCmd.Flags().BoolVar(&mcpListTools, "list-tools", false, "List available MCP tools and exit")
 	mcpCmd.Flags().BoolVar(&mcpConfig, "mcp-config", false, "Print MCP client configuration JSON and exit")
 	mcpCmd.Flags().BoolVar(&mcpAllowDestructive, "allow-destructive", false, "Enable destructive operations (start_kubeshark, stop_kubeshark). Without this flag, only read-only traffic analysis tools are available.")
 }
--- a/cmd/mcpRunner.go
+++ b/cmd/mcpRunner.go
--- a/cmd/mcp_test.go
+++ b/cmd/mcp_test.go
@@ -0,0 +1,495 @@
 package cmd
 import (
 	"bytes"
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
 	"strings"
 	"testing"
 )
 func newTestMCPServer() *mcpServer {
 	return &mcpServer{httpClient: &http.Client{}, stdin: &bytes.Buffer{}, stdout: &bytes.Buffer{}}
 }
 func sendRequest(s *mcpServer, method string, id any, params any) string {
 	req := jsonRPCRequest{
 		JSONRPC: "2.0",
 		ID:      id,
 		Method:  method,
 	}
 	if params != nil {
 		paramsBytes, _ := json.Marshal(params)
 		req.Params = paramsBytes
 	}
 	s.handleRequest(&req)
 	output := s.stdout.(*bytes.Buffer).String()
 	s.stdout.(*bytes.Buffer).Reset()
 	return output
 }
 func parseResponse(t *testing.T, output string) jsonRPCResponse {
 	var resp jsonRPCResponse
 	if err := json.Unmarshal([]byte(strings.TrimSpace(output)), &resp); err != nil {
 		t.Fatalf("Failed to parse response: %v\nOutput: %s", err, output)
 	}
 	return resp
 }
 func TestMCP_Initialize(t *testing.T) {
 	s := newTestMCPServer()
 	resp := parseResponse(t, sendRequest(s, "initialize", 1, nil))
 	if resp.ID != float64(1) || resp.Error != nil {
 		t.Fatalf("Expected ID 1 with no error, got ID=%v, error=%v", resp.ID, resp.Error)
 	}
 	result := resp.Result.(map[string]any)
 	if result["protocolVersion"] != "2024-11-05" {
 		t.Errorf("Expected protocolVersion 2024-11-05, got %v", result["protocolVersion"])
 	}
 	if result["serverInfo"].(map[string]any)["name"] != "kubeshark-mcp" {
 		t.Error("Expected server name kubeshark-mcp")
 	}
 	if !strings.Contains(result["instructions"].(string), "check_kubeshark_status") {
 		t.Error("Instructions should mention check_kubeshark_status")
 	}
 	if _, ok := result["capabilities"].(map[string]any)["prompts"]; !ok {
 		t.Error("Expected prompts capability")
 	}
 }
 func TestMCP_Ping(t *testing.T) {
 	resp := parseResponse(t, sendRequest(newTestMCPServer(), "ping", 42, nil))
 	if resp.ID != float64(42) || resp.Error != nil || len(resp.Result.(map[string]any)) != 0 {
 		t.Errorf("Expected ID 42, no error, empty result")
 	}
 }
 func TestMCP_InitializedNotification(t *testing.T) {
 	s := newTestMCPServer()
 	for _, method := range []string{"initialized", "notifications/initialized"} {
 		if output := sendRequest(s, method, nil, nil); output != "" {
 			t.Errorf("Expected no output for %s, got: %s", method, output)
 		}
 	}
 }
 func TestMCP_UnknownMethod(t *testing.T) {
 	resp := parseResponse(t, sendRequest(newTestMCPServer(), "unknown/method", 1, nil))
 	if resp.Error == nil || resp.Error.Code != -32601 {
 		t.Fatalf("Expected error code -32601, got %v", resp.Error)
 	}
 }
 func TestMCP_PromptsList(t *testing.T) {
 	resp := parseResponse(t, sendRequest(newTestMCPServer(), "prompts/list", 1, nil))
 	if resp.Error != nil {
 		t.Fatalf("Unexpected error: %v", resp.Error)
 	}
 	prompts := resp.Result.(map[string]any)["prompts"].([]any)
 	if len(prompts) != 1 || prompts[0].(map[string]any)["name"] != "kubeshark_usage" {
 		t.Error("Expected 1 prompt named 'kubeshark_usage'")
 	}
 }
 func TestMCP_PromptsGet(t *testing.T) {
 	resp := parseResponse(t, sendRequest(newTestMCPServer(), "prompts/get", 1, map[string]any{"name": "kubeshark_usage"}))
 	if resp.Error != nil {
 		t.Fatalf("Unexpected error: %v", resp.Error)
 	}
 	messages := resp.Result.(map[string]any)["messages"].([]any)
 	if len(messages) == 0 {
 		t.Fatal("Expected at least one message")
 	}
 	text := messages[0].(map[string]any)["content"].(map[string]any)["text"].(string)
 	for _, phrase := range []string{"check_kubeshark_status", "start_kubeshark", "stop_kubeshark"} {
 		if !strings.Contains(text, phrase) {
 			t.Errorf("Prompt should contain '%s'", phrase)
 		}
 	}
 }
 func TestMCP_PromptsGet_UnknownPrompt(t *testing.T) {
 	resp := parseResponse(t, sendRequest(newTestMCPServer(), "prompts/get", 1, map[string]any{"name": "unknown"}))
 	if resp.Error == nil || resp.Error.Code != -32602 {
 		t.Fatalf("Expected error code -32602, got %v", resp.Error)
 	}
 }
 func TestMCP_ToolsList_CLIOnly(t *testing.T) {
 	resp := parseResponse(t, sendRequest(newTestMCPServer(), "tools/list", 1, nil))
 	if resp.Error != nil {
 		t.Fatalf("Unexpected error: %v", resp.Error)
 	}
 	tools := resp.Result.(map[string]any)["tools"].([]any)
 	if len(tools) != 1 || tools[0].(map[string]any)["name"] != "check_kubeshark_status" {
 		t.Error("Expected only check_kubeshark_status tool")
 	}
 }
 func TestMCP_ToolsList_WithDestructive(t *testing.T) {
 	s := &mcpServer{httpClient: &http.Client{}, stdin: &bytes.Buffer{}, stdout: &bytes.Buffer{}, allowDestructive: true}
 	resp := parseResponse(t, sendRequest(s, "tools/list", 1, nil))
 	if resp.Error != nil {
 		t.Fatalf("Unexpected error: %v", resp.Error)
 	}
 	tools := resp.Result.(map[string]any)["tools"].([]any)
 	toolNames := make(map[string]bool)
 	for _, tool := range tools {
 		toolNames[tool.(map[string]any)["name"].(string)] = true
 	}
 	for _, expected := range []string{"check_kubeshark_status", "start_kubeshark", "stop_kubeshark"} {
 		if !toolNames[expected] {
 			t.Errorf("Missing expected tool: %s", expected)
 		}
 	}
 }
 func TestMCP_ToolsList_WithHubBackend(t *testing.T) {
 	mockServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.URL.Path == "/" || r.URL.Path == "" {
 			_, _ = w.Write([]byte(`{"name":"hub","tools":[{"name":"list_workloads","description":"","inputSchema":{}},{"name":"list_api_calls","description":"","inputSchema":{}}]}`))
 		}
 	}))
 	defer mockServer.Close()
 	s := &mcpServer{httpClient: &http.Client{}, stdin: &bytes.Buffer{}, stdout: &bytes.Buffer{}, hubBaseURL: mockServer.URL, backendInitialized: true, allowDestructive: true}
 	resp := parseResponse(t, sendRequest(s, "tools/list", 1, nil))
 	if resp.Error != nil {
 		t.Fatalf("Unexpected error: %v", resp.Error)
 	}
 	tools := resp.Result.(map[string]any)["tools"].([]any)
 	// Should have CLI tools (3) + Hub tools (2) = 5 tools
 	if len(tools) < 5 {
 		t.Errorf("Expected at least 5 tools, got %d", len(tools))
 	}
 }
 func TestMCP_ToolsCallUnknownTool(t *testing.T) {
 	s, mockServer := newTestMCPServerWithMockBackend(func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(http.StatusNotFound)
 	})
 	defer mockServer.Close()
 	resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "unknown"}))
 	if !resp.Result.(map[string]any)["isError"].(bool) {
 		t.Error("Expected isError=true for unknown tool")
 	}
 }
 func TestMCP_ToolsCallInvalidParams(t *testing.T) {
 	s := newTestMCPServer()
 	req := jsonRPCRequest{JSONRPC: "2.0", ID: 1, Method: "tools/call", Params: json.RawMessage(`"invalid"`)}
 	s.handleRequest(&req)
 	resp := parseResponse(t, s.stdout.(*bytes.Buffer).String())
 	if resp.Error == nil || resp.Error.Code != -32602 {
 		t.Fatalf("Expected error code -32602")
 	}
 }
 func TestMCP_CheckKubesharkStatus(t *testing.T) {
 	for _, tc := range []struct {
 		name string
 		args map[string]any
 	}{
 		{"no_config", map[string]any{}},
 		{"with_namespace", map[string]any{"release_namespace": "custom-ns"}},
 	} {
 		t.Run(tc.name, func(t *testing.T) {
 			resp := parseResponse(t, sendRequest(newTestMCPServer(), "tools/call", 1, mcpCallToolParams{Name: "check_kubeshark_status", Arguments: tc.args}))
 			if resp.Error != nil {
 				t.Fatalf("Unexpected error: %v", resp.Error)
 			}
 			content := resp.Result.(map[string]any)["content"].([]any)
 			if len(content) == 0 || content[0].(map[string]any)["text"].(string) == "" {
 				t.Error("Expected non-empty response")
 			}
 		})
 	}
 }
 func newTestMCPServerWithMockBackend(handler http.HandlerFunc) (*mcpServer, *httptest.Server) {
 	mockServer := httptest.NewServer(handler)
 	return &mcpServer{httpClient: &http.Client{}, stdin: &bytes.Buffer{}, stdout: &bytes.Buffer{}, hubBaseURL: mockServer.URL, backendInitialized: true}, mockServer
 }
 type hubToolCallRequest struct {
 	Tool      string         `json:"tool"`
 	Arguments map[string]any `json:"arguments"`
 }
 func newMockHubHandler(t *testing.T, handler func(req hubToolCallRequest) (string, int)) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		if r.URL.Path != "/tools/call" || r.Method != http.MethodPost {
 			w.WriteHeader(http.StatusNotFound)
 			return
 		}
 		var req hubToolCallRequest
 		_ = json.NewDecoder(r.Body).Decode(&req)
 		resp, status := handler(req)
 		w.WriteHeader(status)
 		_, _ = w.Write([]byte(resp))
 	}
 }
 func TestMCP_ListWorkloads(t *testing.T) {
 	s, mockServer := newTestMCPServerWithMockBackend(newMockHubHandler(t, func(req hubToolCallRequest) (string, int) {
 		if req.Tool != "list_workloads" {
 			t.Errorf("Expected tool 'list_workloads', got %s", req.Tool)
 		}
 		return `{"workloads": [{"name": "test-pod"}]}`, http.StatusOK
 	}))
 	defer mockServer.Close()
 	resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "list_workloads", Arguments: map[string]any{"type": "pod"}}))
 	if resp.Error != nil {
 		t.Fatalf("Unexpected error: %v", resp.Error)
 	}
 	text := resp.Result.(map[string]any)["content"].([]any)[0].(map[string]any)["text"].(string)
 	if !strings.Contains(text, "test-pod") {
 		t.Errorf("Expected 'test-pod' in response")
 	}
 }
 func TestMCP_ListAPICalls(t *testing.T) {
 	s, mockServer := newTestMCPServerWithMockBackend(newMockHubHandler(t, func(req hubToolCallRequest) (string, int) {
 		if req.Tool != "list_api_calls" {
 			t.Errorf("Expected tool 'list_api_calls', got %s", req.Tool)
 		}
 		return `{"calls": [{"id": "123", "path": "/api/users"}]}`, http.StatusOK
 	}))
 	defer mockServer.Close()
 	resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "list_api_calls", Arguments: map[string]any{"proto": "http"}}))
 	if resp.Error != nil {
 		t.Fatalf("Unexpected error: %v", resp.Error)
 	}
 	if !strings.Contains(resp.Result.(map[string]any)["content"].([]any)[0].(map[string]any)["text"].(string), "/api/users") {
 		t.Error("Expected '/api/users' in response")
 	}
 }
 func TestMCP_GetAPICall(t *testing.T) {
 	s, mockServer := newTestMCPServerWithMockBackend(newMockHubHandler(t, func(req hubToolCallRequest) (string, int) {
 		if req.Tool != "get_api_call" || req.Arguments["id"] != "abc123" {
 			t.Errorf("Expected get_api_call with id=abc123")
 		}
 		return `{"id": "abc123", "path": "/api/orders"}`, http.StatusOK
 	}))
 	defer mockServer.Close()
 	resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "get_api_call", Arguments: map[string]any{"id": "abc123"}}))
 	if resp.Error != nil || !strings.Contains(resp.Result.(map[string]any)["content"].([]any)[0].(map[string]any)["text"].(string), "abc123") {
 		t.Error("Expected response containing 'abc123'")
 	}
 }
 func TestMCP_GetAPICall_MissingID(t *testing.T) {
 	s, mockServer := newTestMCPServerWithMockBackend(newMockHubHandler(t, func(req hubToolCallRequest) (string, int) {
 		return `{"error": "id is required"}`, http.StatusBadRequest
 	}))
 	defer mockServer.Close()
 	resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "get_api_call", Arguments: map[string]any{}}))
 	if !resp.Result.(map[string]any)["isError"].(bool) {
 		t.Error("Expected isError=true")
 	}
 }
 func TestMCP_GetAPIStats(t *testing.T) {
 	s, mockServer := newTestMCPServerWithMockBackend(newMockHubHandler(t, func(req hubToolCallRequest) (string, int) {
 		if req.Tool != "get_api_stats" {
 			t.Errorf("Expected get_api_stats")
 		}
 		return `{"stats": {"total_calls": 1000}}`, http.StatusOK
 	}))
 	defer mockServer.Close()
 	resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "get_api_stats", Arguments: map[string]any{"ns": "prod"}}))
 	if resp.Error != nil || !strings.Contains(resp.Result.(map[string]any)["content"].([]any)[0].(map[string]any)["text"].(string), "total_calls") {
 		t.Error("Expected 'total_calls' in response")
 	}
 }
 func TestMCP_APITools_BackendError(t *testing.T) {
 	s, mockServer := newTestMCPServerWithMockBackend(func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(http.StatusInternalServerError)
 	})
 	defer mockServer.Close()
 	resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "list_workloads"}))
 	if !resp.Result.(map[string]any)["isError"].(bool) {
 		t.Error("Expected isError=true for backend error")
 	}
 }
 func TestMCP_APITools_BackendConnectionError(t *testing.T) {
 	s := &mcpServer{httpClient: &http.Client{}, stdin: &bytes.Buffer{}, stdout: &bytes.Buffer{}, hubBaseURL: "http://localhost:99999", backendInitialized: true}
 	resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "list_workloads"}))
 	if !resp.Result.(map[string]any)["isError"].(bool) {
 		t.Error("Expected isError=true for connection error")
 	}
 }
 func TestMCP_RunLoop_ParseError(t *testing.T) {
 	output := &bytes.Buffer{}
 	s := &mcpServer{httpClient: &http.Client{}, stdin: strings.NewReader("invalid\n"), stdout: output}
 	s.run()
 	if resp := parseResponse(t, output.String()); resp.Error == nil || resp.Error.Code != -32700 {
 		t.Fatalf("Expected error code -32700")
 	}
 }
 func TestMCP_RunLoop_MultipleRequests(t *testing.T) {
 	output := &bytes.Buffer{}
 	s := &mcpServer{httpClient: &http.Client{}, stdin: strings.NewReader(`{"jsonrpc":"2.0","id":1,"method":"ping"}
 {"jsonrpc":"2.0","id":2,"method":"ping"}
 `), stdout: output}
 	s.run()
 	if lines := strings.Split(strings.TrimSpace(output.String()), "\n"); len(lines) != 2 {
 		t.Fatalf("Expected 2 responses, got %d", len(lines))
 	}
 }
 func TestMCP_RunLoop_EmptyLines(t *testing.T) {
 	output := &bytes.Buffer{}
 	s := &mcpServer{httpClient: &http.Client{}, stdin: strings.NewReader("\n\n{\"jsonrpc\":\"2.0\",\"id\":1,\"method\":\"ping\"}\n"), stdout: output}
 	s.run()
 	if lines := strings.Split(strings.TrimSpace(output.String()), "\n"); len(lines) != 1 {
 		t.Fatalf("Expected 1 response, got %d", len(lines))
 	}
 }
 func TestMCP_ResponseFormat(t *testing.T) {
 	s := newTestMCPServer()
 	// Numeric ID
 	if resp := parseResponse(t, sendRequest(s, "ping", 123, nil)); resp.ID != float64(123) || resp.JSONRPC != "2.0" {
 		t.Errorf("Expected ID 123 and jsonrpc 2.0")
 	}
 	// String ID
 	if resp := parseResponse(t, sendRequest(s, "ping", "str", nil)); resp.ID != "str" {
 		t.Errorf("Expected ID 'str'")
 	}
 }
 func TestMCP_ToolCallResult_ContentFormat(t *testing.T) {
 	s, mockServer := newTestMCPServerWithMockBackend(func(w http.ResponseWriter, r *http.Request) {
 		_, _ = w.Write([]byte(`{"data": "test"}`))
 	})
 	defer mockServer.Close()
 	resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "list_workloads"}))
 	content := resp.Result.(map[string]any)["content"].([]any)
 	if len(content) == 0 || content[0].(map[string]any)["type"] != "text" {
 		t.Error("Expected content with type=text")
 	}
 }
 func TestMCP_CommandArgs(t *testing.T) {
 	// Test start command args building
 	for _, tc := range []struct {
 		args     map[string]any
 		expected string
 	}{
 		{map[string]any{}, "tap --set headless=true"},
 		{map[string]any{"pod_regex": "nginx.*"}, "tap nginx.* --set headless=true"},
 		{map[string]any{"namespaces": "default"}, "tap -n default --set headless=true"},
 		{map[string]any{"release_namespace": "ks"}, "tap -s ks --set headless=true"},
 	} {
 		cmdArgs := []string{"tap"}
 		if v, _ := tc.args["pod_regex"].(string); v != "" {
 			cmdArgs = append(cmdArgs, v)
 		}
 		if v, _ := tc.args["namespaces"].(string); v != "" {
 			for _, ns := range strings.Split(v, ",") {
 				cmdArgs = append(cmdArgs, "-n", strings.TrimSpace(ns))
 			}
 		}
 		if v, _ := tc.args["release_namespace"].(string); v != "" {
 			cmdArgs = append(cmdArgs, "-s", v)
 		}
 		cmdArgs = append(cmdArgs, "--set", "headless=true")
 		if got := strings.Join(cmdArgs, " "); got != tc.expected {
 			t.Errorf("Expected %q, got %q", tc.expected, got)
 		}
 	}
 }
 func TestMCP_PrettyPrintJSON(t *testing.T) {
 	s, mockServer := newTestMCPServerWithMockBackend(func(w http.ResponseWriter, r *http.Request) {
 		_, _ = w.Write([]byte(`{"key":"value"}`))
 	})
 	defer mockServer.Close()
 	resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "list_workloads"}))
 	text := resp.Result.(map[string]any)["content"].([]any)[0].(map[string]any)["text"].(string)
 	if !strings.Contains(text, "\n") {
 		t.Error("Expected pretty-printed JSON")
 	}
 }
 func TestMCP_SpecialCharsAndEdgeCases(t *testing.T) {
 	s, mockServer := newTestMCPServerWithMockBackend(func(w http.ResponseWriter, r *http.Request) {
 		_, _ = w.Write([]byte(`{}`))
 	})
 	defer mockServer.Close()
 	// Test special chars, empty args, nil args
 	for _, args := range []map[string]any{
 		{"path": "/api?id=123"},
 		{"id": "abc/123"},
 		{},
 		nil,
 	} {
 		resp := parseResponse(t, sendRequest(s, "tools/call", 1, mcpCallToolParams{Name: "list_workloads", Arguments: args}))
 		if resp.Error != nil {
 			t.Errorf("Unexpected error with args %v: %v", args, resp.Error)
 		}
 	}
 }
 func TestMCP_BackendInitialization_Concurrent(t *testing.T) {
 	s := newTestMCPServer()
 	done := make(chan bool, 10)
 	for i := 0; i < 10; i++ {
 		go func() { s.ensureBackendConnection(); done <- true }()
 	}
 	for i := 0; i < 10; i++ {
 		<-done
 	}
 }
 func TestMCP_FullConversation(t *testing.T) {
 	mockServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.URL.Path == "/" {
 			_, _ = w.Write([]byte(`{"name":"hub","tools":[{"name":"list_workloads","description":"","inputSchema":{}}]}`))
 		} else if r.URL.Path == "/tools/call" {
 			_, _ = w.Write([]byte(`{"data":"ok"}`))
 		}
 	}))
 	defer mockServer.Close()
 	input := `{"jsonrpc":"2.0","id":1,"method":"initialize"}
 {"jsonrpc":"2.0","method":"notifications/initialized"}
 {"jsonrpc":"2.0","id":2,"method":"tools/list"}
 {"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"list_workloads","arguments":{}}}
 `
 	output := &bytes.Buffer{}
 	s := &mcpServer{httpClient: &http.Client{}, stdin: strings.NewReader(input), stdout: output, hubBaseURL: mockServer.URL, backendInitialized: true}
 	s.run()
 	lines := strings.Split(strings.TrimSpace(output.String()), "\n")
 	if len(lines) != 3 { // 3 responses (notification has no response)
 		t.Errorf("Expected 3 responses, got %d", len(lines))
 	}
 	for i, line := range lines {
 		var resp jsonRPCResponse
 		if err := json.Unmarshal([]byte(line), &resp); err != nil || resp.Error != nil {
 			t.Errorf("Response %d: parse error or unexpected error", i)
 		}
 	}
 }
--- a/cmd/pcapDumpRunner.go
+++ b/cmd/pcapDumpRunner.go
@@ -24,7 +24,7 @@ import (
 )
 const (
-	label                 = "app.kubeshark.co/app=worker"
+	label                 = "app.kubeshark.com/app=worker"
 	srcDir                = "pcapdump"
 	maxSnaplen     uint32 = 262144
 	maxTimePerFile        = time.Minute * 5
--- a/config/config.go
+++ b/config/config.go
@@ -58,6 +58,7 @@ func InitConfig(cmd *cobra.Command) error {
 		"pro",
 		"manifests",
 		"license",
 		"mcp",
 	}, cmd.Use) {
 		go version.CheckNewerVersion()
 	}
--- a/config/configStruct.go
+++ b/config/configStruct.go
@@ -116,6 +116,7 @@ func CreateDefaultConfig() ConfigStruct {
 							},
 							CanUpdateTargetedPods:   true,
 							CanStopTrafficCapturing: true,
 							CanControlDissection:    true,
 							ShowAdminConsoleLink:    true,
 						},
 					},
@@ -137,6 +138,10 @@ func CreateDefaultConfig() ConfigStruct {
 				"ldap",
 				"radius",
 				"diameter",
 				"udp-flow",
 				"tcp-flow",
 				"udp-conn",
 				"tcp-conn",
 			},
 			PortMapping: configStructs.PortMapping{
 				HTTP:     []uint16{80, 443, 8080},
@@ -150,8 +155,10 @@ func CreateDefaultConfig() ConfigStruct {
 				CompleteStreamingEnabled: true,
 			},
 			Capture: configStructs.CaptureConfig{
-				Stopped:   false,
+				Dissection: configStructs.DissectionConfig{
-				StopAfter: "5m",
+					Enabled:   true,
 					StopAfter: "5m",
 				},
 			},
 		},
 	}
@@ -175,10 +182,10 @@ type ConfigStruct struct {
 	DumpLogs             bool                          `yaml:"dumpLogs" json:"dumpLogs" default:"false"`
 	HeadlessMode         bool                          `yaml:"headless" json:"headless" default:"false"`
 	License              string                        `yaml:"license" json:"license" default:""`
 	CloudApiUrl          string                        `yaml:"cloudApiUrl" json:"cloudApiUrl" default:"https://api.kubeshark.com"`
 	CloudLicenseEnabled  bool                          `yaml:"cloudLicenseEnabled" json:"cloudLicenseEnabled" default:"true"`
 	AiAssistantEnabled   bool                          `yaml:"aiAssistantEnabled" json:"aiAssistantEnabled" default:"true"`
 	DemoModeEnabled      bool                          `yaml:"demoModeEnabled" json:"demoModeEnabled" default:"false"`
-	SupportChatEnabled   bool                          `yaml:"supportChatEnabled" json:"supportChatEnabled" default:"true"`
+	SupportChatEnabled   bool                          `yaml:"supportChatEnabled" json:"supportChatEnabled" default:"false"`
 	BetaEnabled          bool                          `yaml:"betaEnabled" json:"betaEnabled" default:"false"`
 	InternetConnectivity bool                          `yaml:"internetConnectivity" json:"internetConnectivity" default:"true"`
 	Scripting            configStructs.ScriptingConfig `yaml:"scripting" json:"scripting"`
--- a/config/configStructs/scriptingConfig.go
+++ b/config/configStructs/scriptingConfig.go
@@ -12,6 +12,7 @@ import (
 )
 type ScriptingConfig struct {
 	Enabled      bool                   `yaml:"enabled" json:"enabled" default:"false"`
 	Env          map[string]interface{} `yaml:"env" json:"env" default:"{}"`
 	Source       string                 `yaml:"source" json:"source" default:""`
 	Sources      []string               `yaml:"sources" json:"sources" default:"[]"`
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@@ -167,6 +167,7 @@ type Role struct {
 	ScriptingPermissions    ScriptingPermissions `yaml:"scriptingPermissions" json:"scriptingPermissions"`
 	CanUpdateTargetedPods   bool                 `yaml:"canUpdateTargetedPods" json:"canUpdateTargetedPods" default:"false"`
 	CanStopTrafficCapturing bool                 `yaml:"canStopTrafficCapturing" json:"canStopTrafficCapturing" default:"false"`
 	CanControlDissection    bool                 `yaml:"canControlDissection" json:"canControlDissection" default:"false"`
 	ShowAdminConsoleLink    bool                 `yaml:"showAdminConsoleLink" json:"showAdminConsoleLink" default:"false"`
 }
@@ -198,7 +199,7 @@ type RoutingConfig struct {
 }
 type DashboardConfig struct {
-	StreamingType            string `yaml:"streamingType" json:"streamingType" default:""`
+	StreamingType            string `yaml:"streamingType" json:"streamingType" default:"connect-rpc"`
 	CompleteStreamingEnabled bool   `yaml:"completeStreamingEnabled" json:"completeStreamingEnabled" default:"true"`
 }
@@ -207,7 +208,7 @@ type FrontRoutingConfig struct {
 }
 type ReleaseConfig struct {
-	Repo      string `yaml:"repo" json:"repo" default:"https://helm.kubeshark.co"`
+	Repo      string `yaml:"repo" json:"repo" default:"https://helm.kubeshark.com"`
 	Name      string `yaml:"name" json:"name" default:"kubeshark"`
 	Namespace string `yaml:"namespace" json:"namespace" default:"default"`
 }
@@ -251,8 +252,8 @@ type PprofConfig struct {
 type MiscConfig struct {
 	JsonTTL                     string `yaml:"jsonTTL" json:"jsonTTL" default:"5m"`
-	PcapTTL                     string `yaml:"pcapTTL" json:"pcapTTL" default:"10s"`
+	PcapTTL                     string `yaml:"pcapTTL" json:"pcapTTL" default:"0"`
-	PcapErrorTTL                string `yaml:"pcapErrorTTL" json:"pcapErrorTTL" default:"60s"`
+	PcapErrorTTL                string `yaml:"pcapErrorTTL" json:"pcapErrorTTL" default:"0"`
 	TrafficSampleRate           int    `yaml:"trafficSampleRate" json:"trafficSampleRate" default:"100"`
 	TcpStreamChannelTimeoutMs   int    `yaml:"tcpStreamChannelTimeoutMs" json:"tcpStreamChannelTimeoutMs" default:"10000"`
 	TcpStreamChannelTimeoutShow bool   `yaml:"tcpStreamChannelTimeoutShow" json:"tcpStreamChannelTimeoutShow" default:"false"`
@@ -263,7 +264,7 @@ type MiscConfig struct {
 }
 type PcapDumpConfig struct {
-	PcapDumpEnabled  bool   `yaml:"enabled" json:"enabled" default:"true"`
+	PcapDumpEnabled  bool   `yaml:"enabled" json:"enabled" default:"false"`
 	PcapTimeInterval string `yaml:"timeInterval" json:"timeInterval" default:"1m"`
 	PcapMaxTime      string `yaml:"maxTime" json:"maxTime" default:"1h"`
 	PcapMaxSize      string `yaml:"maxSize" json:"maxSize" default:"500MB"`
@@ -300,11 +301,34 @@ type SeLinuxOptionsConfig struct {
 	User  string `yaml:"user" json:"user"`
 }
-type CaptureConfig struct {
+type RawCaptureConfig struct {
-	Stopped   bool   `yaml:"stopped" json:"stopped" default:"false"`
+	Enabled     bool   `yaml:"enabled" json:"enabled" default:"true"`
 	StorageSize string `yaml:"storageSize" json:"storageSize" default:"1Gi"`
 }
 type SnapshotsConfig struct {
 	StorageClass string `yaml:"storageClass" json:"storageClass" default:""`
 	StorageSize  string `yaml:"storageSize" json:"storageSize" default:"20Gi"`
 }
 type DelayedDissectionConfig struct {
 	Image  string `yaml:"image" json:"image" default:"kubeshark/worker:master"`
 	CPU    string `yaml:"cpu" json:"cpu" default:"1"`
 	Memory string `yaml:"memory" json:"memory" default:"4Gi"`
 }
 type DissectionConfig struct {
 	Enabled   bool   `yaml:"enabled" json:"enabled" default:"true"`
 	StopAfter string `yaml:"stopAfter" json:"stopAfter" default:"5m"`
 }
 type CaptureConfig struct {
 	Dissection  DissectionConfig `yaml:"dissection" json:"dissection"`
 	CaptureSelf bool             `yaml:"captureSelf" json:"captureSelf" default:"false"`
 	Raw         RawCaptureConfig `yaml:"raw" json:"raw"`
 	DbMaxSize   string           `yaml:"dbMaxSize" json:"dbMaxSize" default:"500Mi"`
 }
 type TapConfig struct {
 	Docker                         DockerConfig            `yaml:"docker" json:"docker"`
 	Proxy                          ProxyConfig             `yaml:"proxy" json:"proxy"`
@@ -313,13 +337,15 @@ type TapConfig struct {
 	ExcludedNamespaces             []string                `yaml:"excludedNamespaces" json:"excludedNamespaces" default:"[]"`
 	BpfOverride                    string                  `yaml:"bpfOverride" json:"bpfOverride" default:""`
 	Capture                        CaptureConfig           `yaml:"capture" json:"capture"`
 	DelayedDissection              DelayedDissectionConfig `yaml:"delayedDissection" json:"delayedDissection"`
 	Snapshots                      SnapshotsConfig         `yaml:"snapshots" json:"snapshots"`
 	Release                        ReleaseConfig           `yaml:"release" json:"release"`
 	PersistentStorage              bool                    `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
 	PersistentStorageStatic        bool                    `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"`
 	PersistentStoragePvcVolumeMode string                  `yaml:"persistentStoragePvcVolumeMode" json:"persistentStoragePvcVolumeMode" default:"FileSystem"`
 	EfsFileSytemIdAndPath          string                  `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""`
 	Secrets                        []string                `yaml:"secrets" json:"secrets" default:"[]"`
-	StorageLimit                   string                  `yaml:"storageLimit" json:"storageLimit" default:"5Gi"`
+	StorageLimit                   string                  `yaml:"storageLimit" json:"storageLimit" default:"10Gi"`
 	StorageClass                   string                  `yaml:"storageClass" json:"storageClass" default:"standard"`
 	DryRun                         bool                    `yaml:"dryRun" json:"dryRun" default:"false"`
 	DnsConfig                      DnsConfig               `yaml:"dns" json:"dns"`
@@ -345,7 +371,7 @@ type TapConfig struct {
 	Watchdog                       WatchdogConfig          `yaml:"watchdog" json:"watchdog"`
 	Gitops                         GitopsConfig            `yaml:"gitops" json:"gitops"`
 	Sentry                         SentryConfig            `yaml:"sentry" json:"sentry"`
-	DefaultFilter                  string                  `yaml:"defaultFilter" json:"defaultFilter" default:"!dns and !error"`
+	DefaultFilter                  string                  `yaml:"defaultFilter" json:"defaultFilter" default:""`
 	LiveConfigMapChangesDisabled   bool                    `yaml:"liveConfigMapChangesDisabled" json:"liveConfigMapChangesDisabled" default:"false"`
 	GlobalFilter                   string                  `yaml:"globalFilter" json:"globalFilter" default:""`
 	EnabledDissectors              []string                `yaml:"enabledDissectors" json:"enabledDissectors"`
@@ -356,6 +382,7 @@ type TapConfig struct {
 	Misc                           MiscConfig              `yaml:"misc" json:"misc"`
 	SecurityContext                SecurityContextConfig   `yaml:"securityContext" json:"securityContext"`
 	MountBpf                       bool                    `yaml:"mountBpf" json:"mountBpf" default:"true"`
 	HostNetwork                    bool                    `yaml:"hostNetwork" json:"hostNetwork" default:"true"`
 }
 func (config *TapConfig) PodRegex() *regexp.Regexp {
--- a/helm-chart/Chart.yaml
+++ b/helm-chart/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v2
 name: kubeshark
-version: "52.8.1"
+version: "52.12.0"
 description: The API Traffic Analyzer for Kubernetes
-home: https://kubeshark.co
+home: https://kubeshark.com
 keywords:
  - kubeshark
  - packet capture
@@ -16,9 +16,9 @@ keywords:
  - api
 kubeVersion: '>= 1.16.0-0'
 maintainers:
-  - email: info@kubeshark.co
+  - email: support@kubeshark.com
    name: Kubeshark
-    url: https://kubeshark.co
+    url: https://kubeshark.com
 sources:
  - https://github.com/kubeshark/kubeshark/tree/master/helm-chart
 type: application
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -5,7 +5,7 @@
 Add the Helm repo for Kubeshark:
 ```shell
-helm repo add kubeshark https://helm.kubeshark.co
+helm repo add kubeshark https://helm.kubeshark.com
 ```
 then install Kubeshark:
@@ -69,7 +69,7 @@ When it's necessary, you can use:
 --set license=YOUR_LICENSE_GOES_HERE
 ```
-Get your license from Kubeshark's [Admin Console](https://console.kubeshark.co/).
+Get your license from Kubeshark's [Admin Console](https://console.kubeshark.com/).
 ## Installing with Ingress (EKS) enabled
@@ -120,115 +120,122 @@ Example for overriding image names:
 ## Configuration
-| Parameter                                 | Description                                   | Default                                                 |
+| Parameter                                 | Description                                   | Default                                                                                                                                                                                                                                          |
-|-------------------------------------------|-----------------------------------------------|---------------------------------------------------------|
+|-------------------------------------------|-----------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `tap.docker.registry`                     | Docker registry to pull from                  | `docker.io/kubeshark`                                   |
+| `tap.docker.registry`                     | Docker registry to pull from                  | `docker.io/kubeshark`                                                                                                                                                                                                                            |
-| `tap.docker.tag`                          | Tag of the Docker images                      | `latest`                                                |
+| `tap.docker.tag`                          | Tag of the Docker images                      | `latest`                                                                                                                                                                                                                                         |
-| `tap.docker.tagLocked`                    | Lock the Docker image tags to prevent automatic upgrades to the latest branch image version. | `true`   |
+| `tap.docker.tagLocked`                    | Lock the Docker image tags to prevent automatic upgrades to the latest branch image version. | `true`                                                                                                                                                                                                                                           |
-| `tap.docker.tagLocked`                    | If `false` - use latest minor tag             | `true`                                                  |
+| `tap.docker.tagLocked`                    | If `false` - use latest minor tag             | `true`                                                                                                                                                                                                                                           |
-| `tap.docker.imagePullPolicy`              | Kubernetes image pull policy                  | `Always`                                                |
+| `tap.docker.imagePullPolicy`              | Kubernetes image pull policy                  | `Always`                                                                                                                                                                                                                                         |
-| `tap.docker.imagePullSecrets`             | Kubernetes secrets to pull the images         | `[]`                                                    |
+| `tap.docker.imagePullSecrets`             | Kubernetes secrets to pull the images         | `[]`                                                                                                                                                                                                                                             |
-| `tap.docker.overrideImage`                | Can be used to directly override image names  | `""`                                                    |
+| `tap.docker.overrideImage`                | Can be used to directly override image names  | `""`                                                                                                                                                                                                                                             |
-| `tap.docker.overrideTag`                  | Can be used to override image tags            | `""`                                                    |
+| `tap.docker.overrideTag`                  | Can be used to override image tags            | `""`                                                                                                                                                                                                                                             |
-| `tap.proxy.hub.srvPort`                   | Hub server port. Change if already occupied.  | `8898`                                                  |
+| `tap.proxy.hub.srvPort`                   | Hub server port. Change if already occupied.  | `8898`                                                                                                                                                                                                                                           |
-| `tap.proxy.worker.srvPort`                | Worker server port. Change if already occupied.| `48999`                                                |
+| `tap.proxy.worker.srvPort`                | Worker server port. Change if already occupied.| `48999`                                                                                                                                                                                                                                          |
-| `tap.proxy.front.port`                    | Front service port. Change if already occupied.| `8899`                                                 |
+| `tap.proxy.front.port`                    | Front service port. Change if already occupied.| `8899`                                                                                                                                                                                                                                           |
-| `tap.proxy.host`                          | Change to 0.0.0.0 top open up to the world.   | `127.0.0.1`                                             |
+| `tap.proxy.host`                          | Change to 0.0.0.0 top open up to the world.   | `127.0.0.1`                                                                                                                                                                                                                                      |
-| `tap.regex`                               | Target (process traffic from) pods that match regex | `.*`                                              |
+| `tap.regex`                               | Target (process traffic from) pods that match regex | `.*`                                                                                                                                                                                                                                             |
-| `tap.namespaces`                          | Target pods in namespaces                     | `[]`                                                    |
+| `tap.namespaces`                          | Target pods in namespaces                     | `[]`                                                                                                                                                                                                                                             |
-| `tap.excludedNamespaces`                  | Exclude pods in namespaces                    | `[]`                                                    |
+| `tap.excludedNamespaces`                  | Exclude pods in namespaces                    | `[]`                                                                                                                                                                                                                                             |
-| `tap.bpfOverride`                         | When using AF_PACKET as a traffic capture backend, override any existing pod targeting rules and set explicit BPF expression (e.g. `net 0.0.0.0/0`).                                                          | `[]`                                                    |
+| `tap.bpfOverride`                         | When using AF_PACKET as a traffic capture backend, override any existing pod targeting rules and set explicit BPF expression (e.g. `net 0.0.0.0/0`).                                                          | `[]`                                                                                                                                                                                                                                             |
-| `tap.capture.stopped`                             | Set to `false` to have traffic processing start automatically. When set to `true`, traffic processing is stopped by default, resulting in almost no resource consumption (e.g. Kubeshark is dormant). This property can be dynamically control via the dashboard.      | `false`                                                                                                                                                |
+| `tap.capture.dissection.enabled`                    | Set to `true` to have L7 protocol dissection start automatically. When set to `false`, dissection is disabled by default. This property can be dynamically controlled via the dashboard.      | `true`                                                                                                                                                                                                                                           |
-| `tap.capture.stopAfter`                             | Set to a duration (e.g. `30s`) to have traffic processing stop after no websocket activity between worker and hub.     | `30s`                                                                                                                                                |
+| `tap.capture.dissection.stopAfter`                  | Set to a duration (e.g. `30s`) to have L7 dissection stop after no activity.     | `5m`                                                                                                                                                                                                                                             |
-| `tap.release.repo`                        | URL of the Helm chart repository              | `https://helm.kubeshark.co`                             |
+| `tap.capture.raw.enabled`                           | Enable raw capture of packets and syscalls to disk for offline analysis      | `true`                                                                                                                                                                                                                                          |
-| `tap.release.name`                        | Helm release name                             | `kubeshark`                                             |
+| `tap.capture.raw.storageSize`                       | Maximum storage size for raw capture files (supports K8s quantity format: `1Gi`, `500Mi`, etc.)     | `1Gi`                                                                                                                                                                                                                                            |
-| `tap.release.namespace`                   | Helm release namespace                        | `default`                                               |
+| `tap.capture.dbMaxSize`                           | Maximum size for capture database (e.g., `4Gi`, `2000Mi`). When empty, automatically uses 80% of allocated storage (`tap.storageLimit`).     | `""`                                                                                                                                                                                                                                             |
-| `tap.persistentStorage`                   | Use `persistentVolumeClaim` instead of `emptyDir` | `false`                                             |
+| `tap.snapshots.storageClass`                      | Storage class for snapshots volume. When empty, uses `emptyDir`. When set, creates a PVC with this storage class | `""`                                                                                                                                                                                                                                             |
-| `tap.persistentStorageStatic`             | Use static persistent volume provisioning (explicitly defined `PersistentVolume` ) | `false`            |
+| `tap.snapshots.storageSize`                       | Storage size for snapshots volume (supports K8s quantity format: `1Gi`, `500Mi`, etc.)     | `10Gi`                                                                                                                                                                                                                                            |
-| `tap.persistentStoragePvcVolumeMode` | Set the pvc volume mode (Filesystem\|Block) | `Filesystem` |
+| `tap.release.repo`                        | URL of the Helm chart repository              | `https://helm.kubeshark.com`                                                                                                                                                                                                                        |
-| `tap.efsFileSytemIdAndPath`               | [EFS file system ID and, optionally, subpath and/or access point](https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/examples/kubernetes/access_points/README.md) `<FileSystemId>:<Path>:<AccessPointId>`  | ""                             |
+| `tap.release.name`                        | Helm release name                             | `kubeshark`                                                                                                                                                                                                                                      |
-| `tap.storageLimit`                        | Limit of either the `emptyDir` or `persistentVolumeClaim` | `5Gi`                                     |
+| `tap.release.namespace`                   | Helm release namespace                        | `default`                                                                                                                                                                                                                                        |
-| `tap.storageClass`                        | Storage class of the `PersistentVolumeClaim`          | `standard`                                      |
+| `tap.persistentStorage`                   | Use `persistentVolumeClaim` instead of `emptyDir` | `false`                                                                                                                                                                                                                                          |
-| `tap.dryRun`                              | Preview of all pods matching the regex, without tapping them    | `false`                               |
+| `tap.persistentStorageStatic`             | Use static persistent volume provisioning (explicitly defined `PersistentVolume` ) | `false`                                                                                                                                                                                                                                          |
-| `tap.dnsConfig.nameservers`               | Nameservers to use for DNS resolution          | `[]`                                                    |
+| `tap.persistentStoragePvcVolumeMode` | Set the pvc volume mode (Filesystem\|Block) | `Filesystem`                                                                                                                                                                                                                                     |
-| `tap.dnsConfig.searches`                  | Search domains to use for DNS resolution       | `[]`                                                    |
+| `tap.efsFileSytemIdAndPath`               | [EFS file system ID and, optionally, subpath and/or access point](https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/examples/kubernetes/access_points/README.md) `<FileSystemId>:<Path>:<AccessPointId>`  | ""                                                                                                                                                                                                                                               |
-| `tap.dnsConfig.options`                   | DNS options to use for DNS resolution          | `[]`                                                    |
+| `tap.storageLimit`                        | Limit of either the `emptyDir` or `persistentVolumeClaim` | `5Gi`                                                                                                                                                                                                                                            |
-| `tap.resources.hub.limits.cpu`            | CPU limit for hub                             | `""`  (no limit)                                                 |
+| `tap.storageClass`                        | Storage class of the `PersistentVolumeClaim`          | `standard`                                                                                                                                                                                                                                       |
-| `tap.resources.hub.limits.memory`         | Memory limit for hub                          | `5Gi`                                                |
+| `tap.dryRun`                              | Preview of all pods matching the regex, without tapping them    | `false`                                                                                                                                                                                                                                          |
-| `tap.resources.hub.requests.cpu`          | CPU request for hub                           | `50m`                                                   |
+| `tap.dnsConfig.nameservers`               | Nameservers to use for DNS resolution          | `[]`                                                                                                                                                                                                                                             |
-| `tap.resources.hub.requests.memory`       | Memory request for hub                        | `50Mi`                                                  |
+| `tap.dnsConfig.searches`                  | Search domains to use for DNS resolution       | `[]`                                                                                                                                                                                                                                             |
-| `tap.resources.sniffer.limits.cpu`        | CPU limit for sniffer                         | `""`  (no limit)                                                    |
+| `tap.dnsConfig.options`                   | DNS options to use for DNS resolution          | `[]`                                                                                                                                                                                                                                             |
-| `tap.resources.sniffer.limits.memory`     | Memory limit for sniffer                      | `3Gi`                                                |
+| `tap.resources.hub.limits.cpu`            | CPU limit for hub                             | `""`  (no limit)                                                                                                                                                                                                                                 |
-| `tap.resources.sniffer.requests.cpu`      | CPU request for sniffer                       | `50m`                                                   |
+| `tap.resources.hub.limits.memory`         | Memory limit for hub                          | `5Gi`                                                                                                                                                                                                                                            |
-| `tap.resources.sniffer.requests.memory`   | Memory request for sniffer                    | `50Mi`                                                  |
+| `tap.resources.hub.requests.cpu`          | CPU request for hub                           | `50m`                                                                                                                                                                                                                                            |
-| `tap.resources.tracer.limits.cpu`         | CPU limit for tracer                          | `""`  (no limit)                                                     |
+| `tap.resources.hub.requests.memory`       | Memory request for hub                        | `50Mi`                                                                                                                                                                                                                                           |
-| `tap.resources.tracer.limits.memory`      | Memory limit for tracer                       | `3Gi`                                                |
+| `tap.resources.sniffer.limits.cpu`        | CPU limit for sniffer                         | `""`  (no limit)                                                                                                                                                                                                                                 |
-| `tap.resources.tracer.requests.cpu`       | CPU request for tracer                        | `50m`                                                   |
+| `tap.resources.sniffer.limits.memory`     | Memory limit for sniffer                      | `3Gi`                                                                                                                                                                                                                                            |
-| `tap.resources.tracer.requests.memory`    | Memory request for tracer                     | `50Mi`                                                  |
+| `tap.resources.sniffer.requests.cpu`      | CPU request for sniffer                       | `50m`                                                                                                                                                                                                                                            |
-| `tap.probes.hub.initialDelaySeconds`      | Initial delay before probing the hub         | `15`                                                    |
+| `tap.resources.sniffer.requests.memory`   | Memory request for sniffer                    | `50Mi`                                                                                                                                                                                                                                           |
-| `tap.probes.hub.periodSeconds`            | Period between probes for the hub             | `10`                                                    |
+| `tap.resources.tracer.limits.cpu`         | CPU limit for tracer                          | `""`  (no limit)                                                                                                                                                                                                                                 |
-| `tap.probes.hub.successThreshold`         | Number of successful probes before considering the hub healthy | `1`                                        |
+| `tap.resources.tracer.limits.memory`      | Memory limit for tracer                       | `3Gi`                                                                                                                                                                                                                                            |
-| `tap.probes.hub.failureThreshold`         | Number of failed probes before considering the hub unhealthy | `3`                                           |
+| `tap.resources.tracer.requests.cpu`       | CPU request for tracer                        | `50m`                                                                                                                                                                                                                                            |
-| `tap.probes.sniffer.initialDelaySeconds`  | Initial delay before probing the sniffer     | `15`                                                    |
+| `tap.resources.tracer.requests.memory`    | Memory request for tracer                     | `50Mi`                                                                                                                                                                                                                                           |
-| `tap.probes.sniffer.periodSeconds`        | Period between probes for the sniffer         | `10`                                                    |
+| `tap.probes.hub.initialDelaySeconds`      | Initial delay before probing the hub         | `15`                                                                                                                                                                                                                                             |
-| `tap.probes.sniffer.successThreshold`     | Number of successful probes before considering the sniffer healthy | `1`                                    |
+| `tap.probes.hub.periodSeconds`            | Period between probes for the hub             | `10`                                                                                                                                                                                                                                             |
-| `tap.probes.sniffer.failureThreshold`     | Number of failed probes before considering the sniffer unhealthy | `3`                                       |
+| `tap.probes.hub.successThreshold`         | Number of successful probes before considering the hub healthy | `1`                                                                                                                                                                                                                                              |
-| `tap.serviceMesh`                         | Capture traffic from service meshes like Istio, Linkerd, Consul, etc.          | `true`                                                  |
+| `tap.probes.hub.failureThreshold`         | Number of failed probes before considering the hub unhealthy | `3`                                                                                                                                                                                                                                              |
-| `tap.tls`                                 | Capture the encrypted/TLS traffic from cryptography libraries like OpenSSL                         | `true`                                                  |
+| `tap.probes.sniffer.initialDelaySeconds`  | Initial delay before probing the sniffer     | `15`                                                                                                                                                                                                                                             |
-| `tap.disableTlsLog`                       | Suppress logging for TLS/eBPF                 | `true`                                                 |
+| `tap.probes.sniffer.periodSeconds`        | Period between probes for the sniffer         | `10`                                                                                                                                                                                                                                             |
-| `tap.labels`                              | Kubernetes labels to apply to all Kubeshark resources  | `{}`                                                    |
+| `tap.probes.sniffer.successThreshold`     | Number of successful probes before considering the sniffer healthy | `1`                                                                                                                                                                                                                                              |
-| `tap.annotations`                         | Kubernetes annotations to apply to all Kubeshark resources | `{}`                                                |
+| `tap.probes.sniffer.failureThreshold`     | Number of failed probes before considering the sniffer unhealthy | `3`                                                                                                                                                                                                                                              |
-| `tap.nodeSelectorTerms.workers`                   | Node selector terms for workers components                       | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
+| `tap.serviceMesh`                         | Capture traffic from service meshes like Istio, Linkerd, Consul, etc.          | `true`                                                                                                                                                                                                                                           |
-| `tap.nodeSelectorTerms.hub`                   | Node selector terms for hub component                 | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
+| `tap.tls`                                 | Capture the encrypted/TLS traffic from cryptography libraries like OpenSSL                         | `true`                                                                                                                                                                                                                                           |
-| `tap.nodeSelectorTerms.front`                   | Node selector terms for front-end component                         | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
+| `tap.disableTlsLog`                       | Suppress logging for TLS/eBPF                 | `true`                                                                                                                                                                                                                                           |
-| `tap.priorityClass`                   | Priority class name for Kubeshark components                         | `""`                                                |
+| `tap.labels`                              | Kubernetes labels to apply to all Kubeshark resources  | `{}`                                                                                                                                                                                                                                             |
-| `tap.tolerations.workers`                  | Tolerations for workers components                         | `[ {"operator": "Exists", "effect": "NoExecute"}` |
+| `tap.annotations`                         | Kubernetes annotations to apply to all Kubeshark resources | `{}`                                                                                                                                                                                                                                             |
-| `tap.tolerations.hub`                  | Tolerations for hub component                         | `[]` |
+| `tap.nodeSelectorTerms.workers`                   | Node selector terms for workers components                       | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]`                                                                                                                                                         |
-| `tap.tolerations.front`                  | Tolerations for front-end component                         | `[]` |
+| `tap.nodeSelectorTerms.hub`                   | Node selector terms for hub component                 | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]`                                                                                                                                                         |
-| `tap.auth.enabled`                        | Enable authentication                         | `false`                                                 |
+| `tap.nodeSelectorTerms.front`                   | Node selector terms for front-end component                         | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]`                                                                                                                                                         |
-| `tap.auth.type`                           | Authentication type (1 option available: `saml`)      | `saml`                                              |
+| `tap.priorityClass`                   | Priority class name for Kubeshark components                         | `""`                                                                                                                                                                                                                                             |
-| `tap.auth.approvedEmails`                 | List of approved email addresses for authentication              | `[]`                                                    |
+| `tap.tolerations.workers`                  | Tolerations for workers components                         | `[ {"operator": "Exists", "effect": "NoExecute"}`                                                                                                                                                                                                |
-| `tap.auth.approvedDomains`                | List of approved email domains for authentication                | `[]`                                                    |
+| `tap.tolerations.hub`                  | Tolerations for hub component                         | `[]`                                                                                                                                                                                                                                             |
-| `tap.auth.saml.idpMetadataUrl`                    | SAML IDP metadata URL <br/>(effective, if `tap.auth.type = saml`)                                  | ``                                                      |
+| `tap.tolerations.front`                  | Tolerations for front-end component                         | `[]`                                                                                                                                                                                                                                             |
-| `tap.auth.saml.x509crt`                   | A self-signed X.509 `.cert` contents <br/>(effective, if `tap.auth.type = saml`)          | ``                                                      |
+| `tap.auth.enabled`                        | Enable authentication                         | `false`                                                                                                                                                                                                                                          |
-| `tap.auth.saml.x509key`                   | A self-signed X.509 `.key` contents <br/>(effective, if `tap.auth.type = saml`)           | ``                                                      |
+| `tap.auth.type`                           | Authentication type (1 option available: `saml`)      | `saml`                                                                                                                                                                                                                                           |
-| `tap.auth.saml.roleAttribute`             | A SAML attribute name corresponding to user's authorization role <br/>(effective, if `tap.auth.type = saml`)  | `role` |
+| `tap.auth.approvedEmails`                 | List of approved email addresses for authentication              | `[]`                                                                                                                                                                                                                                             |
-| `tap.auth.saml.roles`                     | A list of SAML authorization roles and their permissions <br/>(effective, if `tap.auth.type = saml`)  | `{"admin":{"canDownloadPCAP":true,"canUpdateTargetedPods":true,"canUseScripting":true, "scriptingPermissions":{"canSave":true, "canActivate":true, "canDelete":true}, "canStopTrafficCapturing":true, "filter":"","showAdminConsoleLink":true}}` |
+| `tap.auth.approvedDomains`                | List of approved email domains for authentication                | `[]`                                                                                                                                                                                                                                             |
-| `tap.ingress.enabled`                     | Enable `Ingress`                                | `false`                                                 |
+| `tap.auth.saml.idpMetadataUrl`                    | SAML IDP metadata URL <br/>(effective, if `tap.auth.type = saml`)                                  | ``                                                                                                                                                                                                                                               |
-| `tap.ingress.className`                   | Ingress class name                            | `""`                                                    |
+| `tap.auth.saml.x509crt`                   | A self-signed X.509 `.cert` contents <br/>(effective, if `tap.auth.type = saml`)          | ``                                                                                                                                                                                                                                               |
-| `tap.ingress.host`                        | Host of the `Ingress`                          | `ks.svc.cluster.local`                                  |
+| `tap.auth.saml.x509key`                   | A self-signed X.509 `.key` contents <br/>(effective, if `tap.auth.type = saml`)           | ``                                                                                                                                                                                                                                               |
-| `tap.ingress.tls`                         | `Ingress` TLS configuration                     | `[]`                                                    |
+| `tap.auth.saml.roleAttribute`             | A SAML attribute name corresponding to user's authorization role <br/>(effective, if `tap.auth.type = saml`)  | `role`                                                                                                                                                                                                                                           |
-| `tap.ingress.annotations`                 | `Ingress` annotations                           | `{}`                                                    |
+| `tap.auth.saml.roles`                     | A list of SAML authorization roles and their permissions <br/>(effective, if `tap.auth.type = saml`)  | `{"admin":{"canDownloadPCAP":true,"canUpdateTargetedPods":true,"canUseScripting":true, "scriptingPermissions":{"canSave":true, "canActivate":true, "canDelete":true}, "canStopTrafficCapturing":true, "canControlDissection":true, "filter":"","showAdminConsoleLink":true}}` |
-| `tap.routing.front.basePath`             | Set this value to serve `front` under specific base path. Example: `/custompath` (forward slash must be present)         | `""`       |
+| `tap.ingress.enabled`                     | Enable `Ingress`                                | `false`                                                                                                                                                                                                                                          |
-| `tap.ipv6`                                | Enable IPv6 support for the front-end                        | `true`                                                  |
+| `tap.ingress.className`                   | Ingress class name                            | `""`                                                                                                                                                                                                                                             |
-| `tap.debug`                               | Enable debug mode                             | `false`                                                 |
+| `tap.ingress.host`                        | Host of the `Ingress`                          | `ks.svc.cluster.local`                                                                                                                                                                                                                           |
-| `tap.telemetry.enabled`                   | Enable anonymous usage statistics collection           | `true`                                                  |
+| `tap.ingress.tls`                         | `Ingress` TLS configuration                     | `[]`                                                                                                                                                                                                                                             |
-| `tap.resourceGuard.enabled`               | Enable resource guard worker process, which watches RAM/disk usage and enables/disables traffic capture based on available resources | `false` |
+| `tap.ingress.annotations`                 | `Ingress` annotations                           | `{}`                                                                                                                                                                                                                                             |
-| `tap.secrets`                             | List of secrets to be used as source for environment variables (e.g. `kubeshark-license`) | `[]`                                                    |
+| `tap.routing.front.basePath`             | Set this value to serve `front` under specific base path. Example: `/custompath` (forward slash must be present)         | `""`                                                                                                                                                                                                                                             |
-| `tap.sentry.enabled`                      | Enable sending of error logs to Sentry          | `true` (only for qualified users)                                                  |
+| `tap.ipv6`                                | Enable IPv6 support for the front-end                        | `true`                                                                                                                                                                                                                                           |
-| `tap.sentry.environment`                      | Sentry environment to label error logs with      | `production`                                                  |
+| `tap.debug`                               | Enable debug mode                             | `false`                                                                                                                                                                                                                                          |
-| `tap.defaultFilter`                       | Sets the default dashboard KFL filter (e.g. `http`). By default, this value is set to filter out noisy protocols such as DNS, UDP, ICMP and TCP. The user can easily change this, **temporarily**, in the Dashboard. For a permanent change, you should change this value in the `values.yaml` or `config.yaml` file.        | `"!dns and !error"`                                    |
+| `tap.telemetry.enabled`                   | Enable anonymous usage statistics collection           | `true`                                                                                                                                                                                                                                           |
-| `tap.liveConfigMapChangesDisabled`        | If set to `true`, all user functionality (scripting, targeting settings, global & default KFL modification, traffic recording, traffic capturing on/off, protocol dissectors) involving dynamic ConfigMap changes from UI will be disabled     | `false`      |
+| `tap.resourceGuard.enabled`               | Enable resource guard worker process, which watches RAM/disk usage and enables/disables traffic capture based on available resources | `false`                                                                                                                                                                                                                                          |
-| `tap.globalFilter`                        | Prepends to any KFL filter and can be used to limit what is visible in the dashboard. For example, `redact("request.headers.Authorization")` will redact the appropriate field. Another example `!dns` will not show any DNS traffic.      | `""`                                        |
+| `tap.secrets`                             | List of secrets to be used as source for environment variables (e.g. `kubeshark-license`) | `[]`                                                                                                                                                                                                                                             |
-| `tap.metrics.port`                  | Pod port used to expose Prometheus metrics          | `49100`                                                  |
+| `tap.sentry.enabled`                      | Enable sending of error logs to Sentry          | `true` (only for qualified users)                                                                                                                                                                                                                |
-| `tap.enabledDissectors`                   | This is an array of strings representing the list of supported protocols. Remove or comment out redundant protocols (e.g., dns).| The default list excludes: `udp` and `tcp` |
+| `tap.sentry.environment`                      | Sentry environment to label error logs with      | `production`                                                                                                                                                                                                                                     |
 | `tap.defaultFilter`                       | Sets the default dashboard KFL filter (e.g. `http`). By default, this value is set to filter out noisy protocols such as DNS, UDP, ICMP and TCP. The user can easily change this, **temporarily**, in the Dashboard. For a permanent change, you should change this value in the `values.yaml` or `config.yaml` file.        | `""`                                                                                                                                                                                                                                             |
 | `tap.liveConfigMapChangesDisabled`        | If set to `true`, all user functionality (scripting, targeting settings, global & default KFL modification, traffic recording, traffic capturing on/off, protocol dissectors) involving dynamic ConfigMap changes from UI will be disabled     | `false`                                                                                                                                                                                                                                          |
 | `tap.globalFilter`                        | Prepends to any KFL filter and can be used to limit what is visible in the dashboard. For example, `redact("request.headers.Authorization")` will redact the appropriate field. Another example `!dns` will not show any DNS traffic.      | `""`                                                                                                                                                                                                                                             |
 | `tap.metrics.port`                  | Pod port used to expose Prometheus metrics          | `49100`                                                                                                                                                                                                                                          |
 | `tap.enabledDissectors`                   | This is an array of strings representing the list of supported protocols. Remove or comment out redundant protocols (e.g., dns).| The default list excludes: `udp` and `tcp`                                                                                                                                                                                                       |
 | `tap.mountBpf`                            | BPF filesystem needs to be mounted for eBPF to work properly. This helm value determines whether Kubeshark will attempt to mount the filesystem. This option is not required if filesystem is already mounts. │ `true`|
-| `tap.gitops.enabled`                          | Enable GitOps functionality. This will allow you to use GitOps to manage your Kubeshark configuration. | `false` |
+| `tap.hostNetwork`                         | Enable host network mode for worker DaemonSet pods. When enabled, worker pods use the host's network namespace for direct network access. | `true`                                                                                                                                                                                                                                           |
-| `logs.file`                               | Logs dump path                      | `""`                                                    |
+| `tap.gitops.enabled`                          | Enable GitOps functionality. This will allow you to use GitOps to manage your Kubeshark configuration. | `false`                                                                                                                                                                                                                                          |
-| `pcapdump.enabled`                        | Enable recording of all traffic captured according to other parameters. Whatever Kubeshark captures, considering pod targeting rules, will be stored in pcap files ready to be viewed by tools                 | `true`                                                                                                  |
+| `logs.file`                               | Logs dump path                      | `""`                                                                                                                                                                                                                                             |
-| `pcapdump.maxTime`                        | The time window into the past that will be stored. Older traffic will be discarded.  | `2h`  |
+| `pcapdump.enabled`                        | Enable recording of all traffic captured according to other parameters. Whatever Kubeshark captures, considering pod targeting rules, will be stored in pcap files ready to be viewed by tools                 | `false`                                                                                                                                                                                                                                           |
-| `pcapdump.maxSize`                        | The maximum storage size the PCAP files will consume. Old files that cause to surpass storage consumption will get discarded.   | `500MB`  |
+| `pcapdump.maxTime`                        | The time window into the past that will be stored. Older traffic will be discarded.  | `2h`                                                                                                                                                                                                                                             |
-| `kube.configPath`                         | Path to the `kubeconfig` file (`$HOME/.kube/config`)            | `""`                                                    |
+| `pcapdump.maxSize`                        | The maximum storage size the PCAP files will consume. Old files that cause to surpass storage consumption will get discarded.   | `500MB`                                                                                                                                                                                                                                          |
-| `kube.context`                            | Kubernetes context to use for the deployment  | `""`                                                    |
+| `kube.configPath`                         | Path to the `kubeconfig` file (`$HOME/.kube/config`)            | `""`                                                                                                                                                                                                                                             |
-| `dumpLogs`                                | Enable dumping of logs         | `false`                                                 |
+| `kube.context`                            | Kubernetes context to use for the deployment  | `""`                                                                                                                                                                                                                                             |
-| `headless`                                | Enable running in headless mode               | `false`                                                 |
+| `dumpLogs`                                | Enable dumping of logs         | `false`                                                                                                                                                                                                                                          |
-| `license`                                 | License key for the Pro/Enterprise edition    | `""`                                                    |
+| `headless`                                | Enable running in headless mode               | `false`                                                                                                                                                                                                                                          |
-| `scripting.env`                           | Environment variables for the scripting      | `{}`                                                    |
+| `license`                                 | License key for the Pro/Enterprise edition    | `""`                                                                                                                                                                                                                                             |
-| `scripting.source`                        | Source directory of the scripts                | `""`                                                    |
+| `scripting.enabled`                       | Enables scripting                              | `false`                                                                                                                                                                                                                                          |
-| `scripting.watchScripts`                  | Enable watch mode for the scripts in source directory          | `true`                                                  |
+| `scripting.env`                           | Environment variables for the scripting      | `{}`                                                                                                                                                                                                                                             |
-| `timezone`                                | IANA time zone applied to time shown in the front-end | `""` (local time zone applies) |
+| `scripting.source`                        | Source directory of the scripts                | `""`                                                                                                                                                                                                                                             |
-| `supportChatEnabled`                      | Enable real-time support chat channel based on Intercom | `false` |
+| `scripting.watchScripts`                  | Enable watch mode for the scripts in source directory          | `true`                                                                                                                                                                                                                                           |
-| `internetConnectivity`                    | Turns off API requests that are dependent on Internet connectivity such as `telemetry` and `online-support`. | `true` |
+| `timezone`                                | IANA time zone applied to time shown in the front-end | `""` (local time zone applies)                                                                                                                                                                                                                   |
 | `supportChatEnabled`                      | Enable real-time support chat channel based on Intercom | `false`                                                                                                                                                                                                                                          |
 | `internetConnectivity`                    | Turns off API requests that are dependent on Internet connectivity such as `telemetry` and `online-support`. | `true`                                                                                                                                                                                                                                           |
 KernelMapping pairs kernel versions with a
                            DriverContainer image. Kernel versions can be matched
@@ -302,7 +309,7 @@ tap:
 # Installing with Dex OIDC authentication
-[**Click here to see full docs**](https://docs.kubeshark.co/en/saml#installing-with-oidc-enabled-dex-idp).
+[**Click here to see full docs**](https://docs.kubeshark.com/en/saml#installing-with-oidc-enabled-dex-idp).
 Choose this option, if **you already have a running instance** of Dex in your cluster &
 you want to set up Dex OIDC authentication for Kubeshark users.
--- a/helm-chart/templates/02-cluster-role.yaml
+++ b/helm-chart/templates/02-cluster-role.yaml
@@ -86,3 +86,9 @@ rules:
    verbs:
      - create
      - get
  - apiGroups:
      - batch
    resources:
      - jobs
    verbs:
      - "*"
--- a/helm-chart/templates/04-hub-deployment.yaml
+++ b/helm-chart/templates/04-hub-deployment.yaml
@@ -3,7 +3,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
    {{- include "kubeshark.labels" . | nindent 4 }}
  {{- if .Values.tap.annotations }}
  annotations:
@@ -15,12 +15,12 @@ spec:
  replicas: 1  # Set the desired number of replicas
  selector:
    matchLabels:
-      app.kubeshark.co/app: hub
+      app.kubeshark.com/app: hub
      {{- include "kubeshark.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
-        app.kubeshark.co/app: hub
+        app.kubeshark.com/app: hub
        {{- include "kubeshark.labels" . | nindent 8 }}
    spec:
      dnsPolicy: ClusterFirstWithHostNet
@@ -37,16 +37,44 @@ spec:
            - -loglevel
            - '{{ .Values.logLevel | default "warning" }}'
            - -capture-stop-after
-            - "{{ if hasKey .Values.tap.capture "stopAfter" }}{{ .Values.tap.capture.stopAfter }}{{ else }}5m{{ end }}"
+            - "{{ if hasKey .Values.tap.capture.dissection "stopAfter" }}{{ .Values.tap.capture.dissection.stopAfter }}{{ else }}5m{{ end }}"
            - -snapshot-size-limit
            - '{{ .Values.tap.snapshots.local.storageSize }}'
            {{- if .Values.tap.delayedDissection.image }}
            - -dissector-image
            - '{{ .Values.tap.delayedDissection.image }}'
            {{- end }}
            {{- if .Values.tap.delayedDissection.cpu }}
            - -dissector-cpu
            - '{{ .Values.tap.delayedDissection.cpu }}'
            {{- end }}
            {{- if .Values.tap.delayedDissection.memory }}
            - -dissector-memory
            - '{{ .Values.tap.delayedDissection.memory }}'
            {{- end }}
            {{- if .Values.tap.gitops.enabled }}
            - -gitops
            {{- end }}
-          {{- if .Values.tap.secrets }}
+            - -cloud-api-url
            - '{{ .Values.cloudApiUrl }}'
            {{- if .Values.tap.snapshots.cloud.provider }}
            - -cloud-storage-provider
            - '{{ .Values.tap.snapshots.cloud.provider }}'
            {{- end }}
          {{- if or .Values.tap.secrets .Values.tap.snapshots.cloud.configMaps .Values.tap.snapshots.cloud.secrets }}
          envFrom:
            {{- range .Values.tap.secrets }}
            - secretRef:
                name: {{ . }}
            {{- end }}
            {{- range .Values.tap.snapshots.cloud.configMaps }}
            - configMapRef:
                name: {{ . }}
            {{- end }}
            {{- range .Values.tap.snapshots.cloud.secrets }}
            - secretRef:
                name: {{ . }}
            {{- end }}
          {{- end }}
          env:
          - name: POD_NAME
@@ -61,8 +89,6 @@ spec:
            value: '{{ (include "sentry.enabled" .) }}'
          - name: SENTRY_ENVIRONMENT
            value: '{{ .Values.tap.sentry.environment }}'
          - name: KUBESHARK_CLOUD_API_URL
            value: 'https://api.kubeshark.co'
          - name: PROFILING_ENABLED
            value: '{{ .Values.tap.pprof.enabled }}'
        {{- if .Values.tap.docker.overrideImage.hub }}
@@ -106,6 +132,8 @@ spec:
          - name: saml-x509-volume
            mountPath: "/etc/saml/x509"
            readOnly: true
          - name: snapshots-volume
            mountPath: "/app/data/snapshots"
 {{- if gt (len .Values.tap.nodeSelectorTerms.hub) 0}}
      affinity:
        nodeAffinity:
@@ -167,3 +195,11 @@ spec:
              items:
              - key: AUTH_SAML_X509_KEY
                path: kubeshark.key
      - name: snapshots-volume
        {{- if .Values.tap.snapshots.local.storageClass }}
        persistentVolumeClaim:
          claimName: {{ include "kubeshark.name" . }}-snapshots-pvc
        {{- else }}
        emptyDir:
          sizeLimit: {{ .Values.tap.snapshots.local.storageSize }}
        {{- end }}
--- a/helm-chart/templates/05-hub-service.yaml
+++ b/helm-chart/templates/05-hub-service.yaml
@@ -3,7 +3,7 @@ apiVersion: v1
 kind: Service
 metadata:
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
    {{- include "kubeshark.labels" . | nindent 4 }}
  {{- if .Values.tap.annotations }}
  annotations:
@@ -17,5 +17,5 @@ spec:
      port: 80
      targetPort: 8080
  selector:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
  type: ClusterIP
--- a/helm-chart/templates/06-front-deployment.yaml
+++ b/helm-chart/templates/06-front-deployment.yaml
@@ -2,7 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  labels:
-    app.kubeshark.co/app: front
+    app.kubeshark.com/app: front
    {{- include "kubeshark.labels" . | nindent 4 }}
  {{- if .Values.tap.annotations }}
  annotations:
@@ -14,12 +14,12 @@ spec:
  replicas: 1  # Set the desired number of replicas
  selector:
    matchLabels:
-      app.kubeshark.co/app: front
+      app.kubeshark.com/app: front
      {{- include "kubeshark.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
-        app.kubeshark.co/app: front
+        app.kubeshark.com/app: front
        {{- include "kubeshark.labels" . | nindent 8 }}
    spec:
      containers:
@@ -48,6 +48,12 @@ spec:
              value: '{{ not (eq .Values.tap.auth.saml.idpMetadataUrl "") | ternary .Values.tap.auth.saml.idpMetadataUrl " " }}'
            - name: REACT_APP_TIMEZONE
              value: '{{ not (eq .Values.timezone "") | ternary .Values.timezone " " }}'
            - name: REACT_APP_SCRIPTING_HIDDEN
              value: '{{- if and .Values.scripting (eq (.Values.scripting.enabled | toString) "false") -}}
                        true
                      {{- else -}}
                        false
                      {{- end }}'
            - name: REACT_APP_SCRIPTING_DISABLED
              value: '{{- if .Values.tap.liveConfigMapChangesDisabled -}}
                        {{- if .Values.demoModeEnabled -}}
@@ -66,11 +72,13 @@ spec:
              value: '{{ eq .Values.tap.packetCapture "af_packet" | ternary "false" "true" }}'
            - name: REACT_APP_RECORDING_DISABLED
              value: '{{ .Values.tap.liveConfigMapChangesDisabled }}'
-            - name: REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED
+            - name: REACT_APP_DISSECTION_ENABLED
-              value: '{{- if and .Values.tap.liveConfigMapChangesDisabled .Values.tap.capture.stopped -}}
+              value: '{{ .Values.tap.capture.dissection.enabled | ternary "true" "false" }}'
-                        false
+            - name: REACT_APP_DISSECTION_CONTROL_ENABLED
              value: '{{- if and .Values.tap.liveConfigMapChangesDisabled (not .Values.tap.capture.dissection.enabled) -}}
                        true
                      {{- else -}}
-                        {{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "false" }}
+                        {{ not .Values.tap.liveConfigMapChangesDisabled | ternary "true" "false" }}
                      {{- end -}}'
            - name: 'REACT_APP_CLOUD_LICENSE_ENABLED'
              value: '{{- if or (and .Values.cloudLicenseEnabled (not (empty .Values.license))) (not .Values.internetConnectivity) -}}
@@ -78,14 +86,14 @@ spec:
                      {{- else -}}
                        {{ .Values.cloudLicenseEnabled }}
                      {{- end }}'
            - name: 'REACT_APP_AI_ASSISTANT_ENABLED'
              value: '{{ .Values.aiAssistantEnabled | ternary "true" "false" }}'
            - name: REACT_APP_SUPPORT_CHAT_ENABLED
              value: '{{ and .Values.supportChatEnabled .Values.internetConnectivity | ternary "true" "false" }}'
            - name: REACT_APP_BETA_ENABLED
              value: '{{ default false .Values.betaEnabled | ternary "true" "false" }}'
            - name: REACT_APP_DISSECTORS_UPDATING_ENABLED
              value: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "false" "true" }}'
            - name: REACT_APP_RAW_CAPTURE_ENABLED
              value: '{{ .Values.tap.capture.raw.enabled | ternary "true" "false" }}'
            - name: REACT_APP_SENTRY_ENABLED
              value: '{{ (include "sentry.enabled" .) }}'
            - name: REACT_APP_SENTRY_ENVIRONMENT
--- a/helm-chart/templates/07-front-service.yaml
+++ b/helm-chart/templates/07-front-service.yaml
@@ -16,5 +16,5 @@ spec:
      port: 80
      targetPort: 8080
  selector:
-    app.kubeshark.co/app: front
+    app.kubeshark.com/app: front
  type: ClusterIP
--- a/helm-chart/templates/09-snapshots-pvc.yaml
+++ b/helm-chart/templates/09-snapshots-pvc.yaml
@@ -0,0 +1,22 @@
 ---
 {{- if .Values.tap.snapshots.local.storageClass }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  labels:
    {{- include "kubeshark.labels" . | nindent 4 }}
  {{- if .Values.tap.annotations }}
  annotations:
    {{- toYaml .Values.tap.annotations | nindent 4 }}
  {{- end }}
  name: {{ include "kubeshark.name" . }}-snapshots-pvc
  namespace: {{ .Release.Namespace }}
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: {{ .Values.tap.snapshots.local.storageSize }}
  storageClassName: {{ .Values.tap.snapshots.local.storageClass }}
 status: {}
 {{- end }}
--- a/helm-chart/templates/09-worker-daemon-set.yaml
+++ b/helm-chart/templates/09-worker-daemon-set.yaml
@@ -3,7 +3,7 @@ apiVersion: apps/v1
 kind: DaemonSet
 metadata:
  labels:
-    app.kubeshark.co/app: worker
+    app.kubeshark.com/app: worker
    sidecar.istio.io/inject: "false"
    {{- include "kubeshark.labels" . | nindent 4 }}
  {{- if .Values.tap.annotations }}
@@ -15,12 +15,12 @@ metadata:
 spec:
  selector:
    matchLabels:
-      app.kubeshark.co/app: worker
+      app.kubeshark.com/app: worker
      {{- include "kubeshark.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
-        app.kubeshark.co/app: worker
+        app.kubeshark.com/app: worker
        {{- include "kubeshark.labels" . | nindent 8 }}
      name: kubeshark-worker-daemon-set
      namespace: kubeshark
@@ -99,6 +99,12 @@ spec:
            - '{{ .Values.tap.misc.resolutionStrategy }}'
            - -staletimeout
            - '{{ .Values.tap.misc.staleTimeoutSeconds }}'
            - -storage-size
            - '{{ .Values.tap.storageLimit }}'
            - -capture-db-max-size
            - '{{ .Values.tap.capture.dbMaxSize }}'
            - -cloud-api-url
            - '{{ .Values.cloudApiUrl }}'
        {{- if .Values.tap.docker.overrideImage.worker }}
          image: '{{ .Values.tap.docker.overrideImage.worker }}'
        {{- else if .Values.tap.docker.overrideTag.worker }}
@@ -125,8 +131,6 @@ spec:
            value: '{{ .Values.tap.misc.tcpStreamChannelTimeoutMs }}'
          - name: TCP_STREAM_CHANNEL_TIMEOUT_SHOW
            value: '{{ .Values.tap.misc.tcpStreamChannelTimeoutShow }}'
          - name: KUBESHARK_CLOUD_API_URL
            value: 'https://api.kubeshark.co'
          - name: PROFILING_ENABLED
            value: '{{ .Values.tap.pprof.enabled }}'
          - name: SENTRY_ENABLED
@@ -329,7 +333,7 @@ spec:
              readOnly: true
      {{- end }}
      dnsPolicy: ClusterFirstWithHostNet
-      hostNetwork: true
+      hostNetwork: {{ .Values.tap.hostNetwork }}
      serviceAccountName: {{ include "kubeshark.serviceAccountName" . }}
      {{- if .Values.tap.priorityClass }}
      priorityClassName: {{ .Values.tap.priorityClass | quote }}
@@ -398,8 +402,8 @@ spec:
        - hostPath:
            path: /
          name: root
        - name: data
        {{- end }}
        - name: data
 {{- if .Values.tap.persistentStorage }}
          persistentVolumeClaim:
            claimName: kubeshark-persistent-volume-claim
--- a/helm-chart/templates/12-config-map.yaml
+++ b/helm-chart/templates/12-config-map.yaml
@@ -4,14 +4,15 @@ metadata:
  name: {{ include "kubeshark.configmapName" . }}
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
    {{- include "kubeshark.labels" . | nindent 4 }}
 data:
    POD_REGEX: '{{ .Values.tap.regex }}'
    NAMESPACES: '{{ gt (len .Values.tap.namespaces) 0 | ternary (join "," .Values.tap.namespaces) "" }}'
    EXCLUDED_NAMESPACES: '{{ gt (len .Values.tap.excludedNamespaces) 0 | ternary (join "," .Values.tap.excludedNamespaces) "" }}'
    BPF_OVERRIDE: '{{ .Values.tap.bpfOverride }}'
-    STOPPED: '{{ .Values.tap.capture.stopped | ternary "true" "false" }}'
+    DISSECTION_ENABLED: '{{ .Values.tap.capture.dissection.enabled | ternary "true" "false" }}'
    CAPTURE_SELF: '{{ .Values.tap.capture.captureSelf | ternary "true" "false" }}'
    SCRIPTING_SCRIPTS: '{}'
    SCRIPTING_ACTIVE_SCRIPTS: '{{ gt (len .Values.scripting.active) 0 | ternary (join "," .Values.scripting.active) "" }}'
    INGRESS_ENABLED: '{{ .Values.tap.ingress.enabled }}'
@@ -55,11 +56,11 @@ data:
    TARGETED_PODS_UPDATE_DISABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "" }}'
    PRESET_FILTERS_CHANGING_ENABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "false" "true" }}'
    RECORDING_DISABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "" }}'
-    STOP_TRAFFIC_CAPTURING_DISABLED: '{{- if and .Values.tap.liveConfigMapChangesDisabled .Values.tap.capture.stopped -}}
+    DISSECTION_CONTROL_ENABLED: '{{- if and .Values.tap.liveConfigMapChangesDisabled (not .Values.tap.capture.dissection.enabled) -}}
-                                        false
+                                     true
-                                      {{- else -}}
+                                   {{- else -}}
-                                        {{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "false" }}
+                                     {{ not .Values.tap.liveConfigMapChangesDisabled | ternary "true" "false" }}
-                                      {{- end }}'
+                                   {{- end }}'
    GLOBAL_FILTER: {{ include "kubeshark.escapeDoubleQuotes" .Values.tap.globalFilter | quote }}
    DEFAULT_FILTER: {{ include "kubeshark.escapeDoubleQuotes" .Values.tap.defaultFilter | quote }}
    TRAFFIC_SAMPLE_RATE: '{{ .Values.tap.misc.trafficSampleRate }}'
@@ -72,7 +73,6 @@ data:
                            {{- else -}}
                              {{ .Values.cloudLicenseEnabled }}
                            {{- end }}'
    AI_ASSISTANT_ENABLED: '{{ .Values.aiAssistantEnabled | ternary "true" "false" }}'
    DUPLICATE_TIMEFRAME: '{{ .Values.tap.misc.duplicateTimeframe }}'
    ENABLED_DISSECTORS: '{{ gt (len .Values.tap.enabledDissectors) 0 | ternary (join "," .Values.tap.enabledDissectors) "" }}'
    CUSTOM_MACROS: '{{ toJson .Values.tap.customMacros }}'
@@ -83,3 +83,5 @@ data:
    PCAP_MAX_TIME: '{{ .Values.pcapdump.maxTime }}'
    PCAP_MAX_SIZE: '{{ .Values.pcapdump.maxSize }}'
    PORT_MAPPING: '{{ toJson .Values.tap.portMapping }}'
    RAW_CAPTURE_ENABLED: '{{ .Values.tap.capture.raw.enabled | ternary "true" "false" }}'
    RAW_CAPTURE_STORAGE_SIZE: '{{ .Values.tap.capture.raw.storageSize }}'
--- a/helm-chart/templates/13-secret.yaml
+++ b/helm-chart/templates/13-secret.yaml
@@ -4,7 +4,7 @@ metadata:
  name: {{ include "kubeshark.secretName" . }}
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
    {{- include "kubeshark.labels" . | nindent 4 }}
 stringData:
    LICENSE: '{{ .Values.license }}'
@@ -20,7 +20,7 @@ metadata:
  name: kubeshark-saml-x509-crt-secret
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
    {{- include "kubeshark.labels" . | nindent 4 }}
 stringData:
  AUTH_SAML_X509_CRT: |
@@ -34,7 +34,7 @@ metadata:
  name: kubeshark-saml-x509-key-secret
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
    {{- include "kubeshark.labels" . | nindent 4 }}
 stringData:
  AUTH_SAML_X509_KEY: |
--- a/helm-chart/templates/15-worker-service-metrics.yaml
+++ b/helm-chart/templates/15-worker-service-metrics.yaml
@@ -14,7 +14,7 @@ metadata:
  namespace: {{ .Release.Namespace }}
 spec:
  selector:
-    app.kubeshark.co/app: worker
+    app.kubeshark.com/app: worker
    {{- include "kubeshark.labels" . | nindent 4 }}
  ports:
  - name: metrics
--- a/helm-chart/templates/16-hub-service-metrics.yaml
+++ b/helm-chart/templates/16-hub-service-metrics.yaml
@@ -14,7 +14,7 @@ metadata:
  namespace: {{ .Release.Namespace }}
 spec:
  selector:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
    {{- include "kubeshark.labels" . | nindent 4 }}
  ports:
  - name: metrics
--- a/helm-chart/templates/17-network-policies.yaml
+++ b/helm-chart/templates/17-network-policies.yaml
@@ -12,7 +12,7 @@ metadata:
 spec:
  podSelector:
    matchLabels:
-      app.kubeshark.co/app: hub
+      app.kubeshark.com/app: hub
  policyTypes:
    - Ingress
    - Egress
@@ -40,7 +40,7 @@ metadata:
 spec:
  podSelector:
    matchLabels:
-      app.kubeshark.co/app: front
+      app.kubeshark.com/app: front
  policyTypes:
    - Ingress
    - Egress
@@ -65,7 +65,7 @@ metadata:
 spec:
  podSelector:
    matchLabels:
-      app.kubeshark.co/app: dex
+      app.kubeshark.com/app: dex
  policyTypes:
    - Ingress
    - Egress
@@ -90,7 +90,7 @@ metadata:
 spec:
  podSelector:
    matchLabels:
-      app.kubeshark.co/app: worker
+      app.kubeshark.com/app: worker
  policyTypes:
    - Ingress
    - Egress
--- a/helm-chart/templates/18-dex-deployment.yaml
+++ b/helm-chart/templates/18-dex-deployment.yaml
@@ -5,7 +5,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  labels:
-    app.kubeshark.co/app: dex
+    app.kubeshark.com/app: dex
    {{- include "kubeshark.labels" . | nindent 4 }}
  {{- if .Values.tap.annotations }}
  annotations:
@@ -17,12 +17,12 @@ spec:
  replicas: 1  # Set the desired number of replicas
  selector:
    matchLabels:
-      app.kubeshark.co/app: dex
+      app.kubeshark.com/app: dex
      {{- include "kubeshark.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
-        app.kubeshark.co/app: dex
+        app.kubeshark.com/app: dex
        {{- include "kubeshark.labels" . | nindent 8 }}
    spec:
      containers:
--- a/helm-chart/templates/19-dex-service.yaml
+++ b/helm-chart/templates/19-dex-service.yaml
@@ -5,7 +5,7 @@ apiVersion: v1
 kind: Service
 metadata:
  labels:
-    app.kubeshark.co/app: dex
+    app.kubeshark.com/app: dex
    {{- include "kubeshark.labels" . | nindent 4 }}
  {{- if .Values.tap.annotations }}
  annotations:
@@ -19,7 +19,7 @@ spec:
      port: 80
      targetPort: 5556
  selector:
-    app.kubeshark.co/app: dex
+    app.kubeshark.com/app: dex
  type: ClusterIP
 {{- end }}
--- a/helm-chart/templates/20-dex-secret.yaml
+++ b/helm-chart/templates/20-dex-secret.yaml
@@ -6,7 +6,7 @@ metadata:
  name: kubeshark-dex-conf-secret
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
    {{- include "kubeshark.labels" . | nindent 4 }}
 data:
  dex-config.yaml: {{ .Values.tap.auth.dexConfig | toYaml | b64enc | quote }}
--- a/helm-chart/templates/NOTES.txt
+++ b/helm-chart/templates/NOTES.txt
@@ -28,9 +28,12 @@ Notices:
 - Support chat using Intercom is enabled. It can be disabled using `--set supportChatEnabled=false`
 {{- end }}
 {{- if eq .Values.license ""}}
- No license key was detected. You can either log-in/sign-up through the dashboard, or download the license key from https://console.kubeshark.co/ and add it as `LICENSE` via mounted secret (`tap.secrets`).
+- No license key was detected. 
 - Authenticate through the dashboard to activate a complementary COMMUNITY license.
 - If you have an Enterprise license, download the license key from https://console.kubeshark.com/
 - An Enterprise license-key can be added as 'license: <license>' in helm values or as `--set license=<license>` or as `LICENSE` via mounted secret (`tap.secrets`).
 - Contact us to get an Enterprise license: https://kubeshark.com/contact-us.
 {{- end }}
 {{ if .Values.tap.ingress.enabled }}
 You can now access the application through the following URL:
@@ -42,8 +45,9 @@ To access the application, follow these steps:
 1. Perform port forwarding with the following commands:
    kubectl port-forward -n {{ .Release.Namespace }} service/kubeshark-front 8899:80
    you could also run: `kubeshark proxy` (which simply manages the port-forward connection)
 2. Once port forwarding is done, you can access the application by visiting the following URL in your web browser:
-    http://0.0.0.0:8899{{ default "" (((.Values.tap).routing).front).basePath }}/
+    http://127.0.0.1:8899{{ default "" (((.Values.tap).routing).front).basePath }}/
 {{- end }}
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -1,4 +1,3 @@
 # find a detailed description here: https://github.com/kubeshark/kubeshark/blob/master/helm-chart/README.md
 tap:
  docker:
    registry: docker.io/kubeshark
@@ -27,10 +26,28 @@ tap:
  excludedNamespaces: []
  bpfOverride: ""
  capture:
-    stopped: false
+    dissection:
-    stopAfter: 5m
+      enabled: true
      stopAfter: 5m
    captureSelf: false
    raw:
      enabled: true
      storageSize: 1Gi
    dbMaxSize: 500Mi
  delayedDissection:
    image: kubeshark/worker:master
    cpu: "1"
    memory: 4Gi
  snapshots:
    local:
      storageClass: ""
      storageSize: 20Gi
    cloud:
      provider: ""      # cloud storage provider: "s3" (empty = disabled)
      configMaps: []    # names of ConfigMaps with cloud storage env vars
      secrets: []       # names of Secrets with cloud storage credentials
  release:
-    repo: https://helm.kubeshark.co
+    repo: https://helm.kubeshark.com
    name: kubeshark
    namespace: default
  persistentStorage: false
@@ -38,7 +55,7 @@ tap:
  persistentStoragePvcVolumeMode: FileSystem
  efsFileSytemIdAndPath: ""
  secrets: []
-  storageLimit: 5Gi
+  storageLimit: 10Gi
  storageClass: standard
  dryRun: false
  dns:
@@ -134,6 +151,7 @@ tap:
            canDelete: true
          canUpdateTargetedPods: true
          canStopTrafficCapturing: true
          canControlDissection: true
          showAdminConsoleLink: true
  ingress:
    enabled: false
@@ -149,6 +167,7 @@ tap:
  ipv6: true
  debug: false
  dashboard:
    streamingType: connect-rpc
    completeStreamingEnabled: true
  telemetry:
    enabled: true
@@ -161,7 +180,7 @@ tap:
  sentry:
    enabled: false
    environment: production
-  defaultFilter: "!dns and !error"
+  defaultFilter: ""
  liveConfigMapChangesDisabled: false
  globalFilter: ""
  enabledDissectors:
@@ -175,6 +194,10 @@ tap:
  - ldap
  - radius
  - diameter
  - udp-flow
  - tcp-flow
  - tcp-conn
  - udp-conn
  portMapping:
    http:
    - 80
@@ -201,8 +224,8 @@ tap:
    view: flamegraph
  misc:
    jsonTTL: 5m
-    pcapTTL: 10s
+    pcapTTL: "0"
-    pcapErrorTTL: 60s
+    pcapErrorTTL: "0"
    trafficSampleRate: 100
    tcpStreamChannelTimeoutMs: 10000
    tcpStreamChannelTimeoutShow: false
@@ -234,11 +257,12 @@ tap:
      - SYS_RESOURCE
      - IPC_LOCK
  mountBpf: true
  hostNetwork: true
 logs:
  file: ""
  grep: ""
 pcapdump:
-  enabled: true
+  enabled: false
  timeInterval: 1m
  maxTime: 1h
  maxSize: 500MB
@@ -251,13 +275,14 @@ kube:
 dumpLogs: false
 headless: false
 license: ""
 cloudApiUrl: "https://api.kubeshark.com"
 cloudLicenseEnabled: true
 aiAssistantEnabled: true
 demoModeEnabled: false
-supportChatEnabled: true
+supportChatEnabled: false
 betaEnabled: false
 internetConnectivity: true
 scripting:
  enabled: false
  env: {}
  source: ""
  sources: []
--- a/integration/README.md
+++ b/integration/README.md
@@ -0,0 +1,57 @@
 # Integration Tests
 This directory contains integration tests that run against a real Kubernetes cluster.
 ## Prerequisites
 1. **Kubernetes cluster** - A running cluster accessible via `kubectl`
 2. **kubectl** - Configured with appropriate context
 3. **Go 1.21+** - For running tests
 ## Running Tests
 ```bash
 # Run all integration tests
 make test-integration
 # Run specific command tests
 make test-integration-mcp
 # Run with verbose output
 make test-integration-verbose
 # Run with custom timeout (default: 5m)
 INTEGRATION_TIMEOUT=10m make test-integration
 ```
 ## Environment Variables
 | Variable | Default | Description |
 |----------|---------|-------------|
 | `KUBESHARK_BINARY` | Auto-built | Path to pre-built kubeshark binary |
 | `INTEGRATION_TIMEOUT` | `5m` | Test timeout duration |
 | `KUBECONFIG` | `~/.kube/config` | Kubernetes config file |
 | `INTEGRATION_SKIP_CLEANUP` | `false` | Skip cleanup after tests (for debugging) |
 ## Test Structure
 ```
 integration/
 ├── README.md           # This file
 ├── common_test.go      # Shared test helpers
 ├── mcp_test.go         # MCP command integration tests
 ├── tap_test.go         # Tap command tests (future)
 └── ...                 # Additional command tests
 ```
 ## Writing New Tests
 1. Create `<command>_test.go` with build tag `//go:build integration`
 2. Use helpers from `common_test.go`: `requireKubernetesCluster(t)`, `getKubesharkBinary(t)`, `cleanupKubeshark(t, binary)`
 ## CI/CD Integration
 ```bash
 # JSON output for CI parsing
 go test -tags=integration -json ./integration/...
 ```
--- a/integration/common_test.go
+++ b/integration/common_test.go
@@ -0,0 +1,217 @@
 //go:build integration
 // Package integration contains integration tests that run against a real Kubernetes cluster.
 // Run with: go test -tags=integration ./integration/...
 package integration
 import (
 	"bytes"
 	"context"
 	"fmt"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"strings"
 	"sync"
 	"testing"
 	"time"
 )
 const (
 	binaryName     = "kubeshark"
 	defaultTimeout = 2 * time.Minute
 	startupTimeout = 3 * time.Minute
 )
 var (
 	// binaryPath caches the built binary path
 	binaryPath string
 	buildOnce  sync.Once
 	buildErr   error
 )
 // requireKubernetesCluster skips the test if no Kubernetes cluster is available.
 func requireKubernetesCluster(t *testing.T) {
 	t.Helper()
 	if !hasKubernetesCluster() {
 		t.Skip("Skipping: no Kubernetes cluster available")
 	}
 }
 // hasKubernetesCluster returns true if a Kubernetes cluster is accessible.
 func hasKubernetesCluster() bool {
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
 	return exec.CommandContext(ctx, "kubectl", "cluster-info").Run() == nil
 }
 // getKubesharkBinary returns the path to the kubeshark binary, building it if necessary.
 func getKubesharkBinary(t *testing.T) string {
 	t.Helper()
 	// Check if binary path is provided via environment
 	if envBinary := os.Getenv("KUBESHARK_BINARY"); envBinary != "" {
 		if _, err := os.Stat(envBinary); err == nil {
 			return envBinary
 		}
 		t.Fatalf("KUBESHARK_BINARY set but file not found: %s", envBinary)
 	}
 	// Build once per test run
 	buildOnce.Do(func() {
 		binaryPath, buildErr = buildBinary(t)
 	})
 	if buildErr != nil {
 		t.Fatalf("Failed to build binary: %v", buildErr)
 	}
 	return binaryPath
 }
 // buildBinary compiles the binary and returns its path.
 func buildBinary(t *testing.T) (string, error) {
 	t.Helper()
 	// Find project root (directory containing go.mod)
 	projectRoot, err := findProjectRoot()
 	if err != nil {
 		return "", fmt.Errorf("finding project root: %w", err)
 	}
 	outputPath := filepath.Join(projectRoot, "bin", binaryName+"_integration_test")
 	t.Logf("Building %s binary at %s", binaryName, outputPath)
 	ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
 	defer cancel()
 	cmd := exec.CommandContext(ctx, "go", "build",
 		"-o", outputPath,
 		filepath.Join(projectRoot, binaryName+".go"),
 	)
 	cmd.Dir = projectRoot
 	output, err := cmd.CombinedOutput()
 	if err != nil {
 		return "", fmt.Errorf("build failed: %w\nOutput: %s", err, output)
 	}
 	return outputPath, nil
 }
 // findProjectRoot locates the project root by finding go.mod
 func findProjectRoot() (string, error) {
 	dir, err := os.Getwd()
 	if err != nil {
 		return "", err
 	}
 	for {
 		if _, err := os.Stat(filepath.Join(dir, "go.mod")); err == nil {
 			return dir, nil
 		}
 		parent := filepath.Dir(dir)
 		if parent == dir {
 			return "", fmt.Errorf("could not find go.mod in any parent directory")
 		}
 		dir = parent
 	}
 }
 // runKubeshark executes the kubeshark binary with the given arguments.
 // Returns combined stdout/stderr and any error.
 func runKubeshark(t *testing.T, binary string, args ...string) (string, error) {
 	t.Helper()
 	return runKubesharkWithTimeout(t, binary, defaultTimeout, args...)
 }
 // runKubesharkWithTimeout executes the kubeshark binary with a custom timeout.
 func runKubesharkWithTimeout(t *testing.T, binary string, timeout time.Duration, args ...string) (string, error) {
 	t.Helper()
 	ctx, cancel := context.WithTimeout(context.Background(), timeout)
 	defer cancel()
 	t.Logf("Running: %s %s", binary, strings.Join(args, " "))
 	cmd := exec.CommandContext(ctx, binary, args...)
 	var stdout, stderr bytes.Buffer
 	cmd.Stdout = &stdout
 	cmd.Stderr = &stderr
 	err := cmd.Run()
 	output := stdout.String()
 	if stderr.Len() > 0 {
 		output += "\n[stderr]\n" + stderr.String()
 	}
 	if ctx.Err() == context.DeadlineExceeded {
 		return output, fmt.Errorf("command timed out after %v", timeout)
 	}
 	return output, err
 }
 // cleanupKubeshark ensures Kubeshark is not running in the cluster.
 func cleanupKubeshark(t *testing.T, binary string) {
 	t.Helper()
 	if os.Getenv("INTEGRATION_SKIP_CLEANUP") == "true" {
 		t.Log("Skipping cleanup (INTEGRATION_SKIP_CLEANUP=true)")
 		return
 	}
 	t.Log("Cleaning up any existing Kubeshark installation...")
 	// Run clean command, ignore errors (might not be installed)
 	_, _ = runKubeshark(t, binary, "clean")
 	// Wait a moment for resources to be deleted
 	time.Sleep(2 * time.Second)
 }
 // waitForKubesharkReady waits for Kubeshark to be ready after starting.
 func waitForKubesharkReady(t *testing.T, binary string, timeout time.Duration) error {
 	t.Helper()
 	t.Log("Waiting for Kubeshark to be ready...")
 	deadline := time.Now().Add(timeout)
 	for time.Now().Before(deadline) {
 		// Check if pods are running
 		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 		cmd := exec.CommandContext(ctx, "kubectl", "get", "pods", "-l", "app.kubernetes.io/name=kubeshark", "-o", "jsonpath={.items[*].status.phase}")
 		output, err := cmd.Output()
 		cancel()
 		if err == nil && strings.Contains(string(output), "Running") {
 			t.Log("Kubeshark is ready")
 			return nil
 		}
 		time.Sleep(5 * time.Second)
 	}
 	return fmt.Errorf("timeout waiting for Kubeshark to be ready")
 }
 // isKubesharkRunning checks if Kubeshark is currently running in the cluster.
 func isKubesharkRunning(t *testing.T) bool {
 	t.Helper()
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
 	cmd := exec.CommandContext(ctx, "kubectl", "get", "pods", "-l", "app.kubernetes.io/name=kubeshark", "-o", "name")
 	output, err := cmd.Output()
 	if err != nil {
 		return false
 	}
 	return strings.TrimSpace(string(output)) != ""
 }
--- a/integration/mcp_test.go
+++ b/integration/mcp_test.go
@@ -0,0 +1,529 @@
 //go:build integration
 package integration
 import (
 	"bufio"
 	"bytes"
 	"context"
 	"encoding/json"
 	"io"
 	"os/exec"
 	"strings"
 	"testing"
 	"time"
 )
 // MCPRequest represents a JSON-RPC request
 type MCPRequest struct {
 	JSONRPC string      `json:"jsonrpc"`
 	ID      int         `json:"id"`
 	Method  string      `json:"method"`
 	Params  interface{} `json:"params,omitempty"`
 }
 // MCPResponse represents a JSON-RPC response
 type MCPResponse struct {
 	JSONRPC string          `json:"jsonrpc"`
 	ID      int             `json:"id"`
 	Result  json.RawMessage `json:"result,omitempty"`
 	Error   *MCPError       `json:"error,omitempty"`
 }
 // MCPError represents a JSON-RPC error
 type MCPError struct {
 	Code    int    `json:"code"`
 	Message string `json:"message"`
 }
 // mcpSession represents a running MCP server session
 type mcpSession struct {
 	cmd    *exec.Cmd
 	stdin  io.WriteCloser
 	stdout *bufio.Reader
 	stderr *bytes.Buffer // Captured stderr for debugging
 	cancel context.CancelFunc
 }
 // startMCPSession starts an MCP server and returns a session for sending requests.
 // By default, starts in read-only mode (no --allow-destructive).
 func startMCPSession(t *testing.T, binary string, args ...string) *mcpSession {
 	t.Helper()
 	ctx, cancel := context.WithCancel(context.Background())
 	cmdArgs := append([]string{"mcp"}, args...)
 	cmd := exec.CommandContext(ctx, binary, cmdArgs...)
 	stdin, err := cmd.StdinPipe()
 	if err != nil {
 		cancel()
 		t.Fatalf("Failed to create stdin pipe: %v", err)
 	}
 	stdout, err := cmd.StdoutPipe()
 	if err != nil {
 		cancel()
 		t.Fatalf("Failed to create stdout pipe: %v", err)
 	}
 	// Capture stderr for debugging
 	var stderrBuf bytes.Buffer
 	cmd.Stderr = &stderrBuf
 	if err := cmd.Start(); err != nil {
 		cancel()
 		t.Fatalf("Failed to start MCP server: %v", err)
 	}
 	return &mcpSession{
 		cmd:    cmd,
 		stdin:  stdin,
 		stdout: bufio.NewReader(stdout),
 		stderr: &stderrBuf,
 		cancel: cancel,
 	}
 }
 // startMCPSessionWithDestructive starts an MCP server with --allow-destructive flag.
 func startMCPSessionWithDestructive(t *testing.T, binary string, args ...string) *mcpSession {
 	t.Helper()
 	allArgs := append([]string{"--allow-destructive"}, args...)
 	return startMCPSession(t, binary, allArgs...)
 }
 // sendRequest sends a JSON-RPC request and returns the response (30s timeout).
 func (s *mcpSession) sendRequest(t *testing.T, req MCPRequest) MCPResponse {
 	t.Helper()
 	return s.sendRequestWithTimeout(t, req, 30*time.Second)
 }
 // sendRequestWithTimeout sends a JSON-RPC request with a custom timeout.
 func (s *mcpSession) sendRequestWithTimeout(t *testing.T, req MCPRequest, timeout time.Duration) MCPResponse {
 	t.Helper()
 	reqBytes, err := json.Marshal(req)
 	if err != nil {
 		t.Fatalf("Failed to marshal request: %v", err)
 	}
 	t.Logf("Sending: %s", string(reqBytes))
 	if _, err := s.stdin.Write(append(reqBytes, '\n')); err != nil {
 		t.Fatalf("Failed to write request: %v", err)
 	}
 	// Read response with timeout
 	responseChan := make(chan string, 1)
 	errChan := make(chan error, 1)
 	go func() {
 		line, err := s.stdout.ReadString('\n')
 		if err != nil {
 			errChan <- err
 			return
 		}
 		responseChan <- line
 	}()
 	select {
 	case line := <-responseChan:
 		t.Logf("Received: %s", strings.TrimSpace(line))
 		var resp MCPResponse
 		if err := json.Unmarshal([]byte(line), &resp); err != nil {
 			t.Fatalf("Failed to unmarshal response: %v\nResponse: %s", err, line)
 		}
 		return resp
 	case err := <-errChan:
 		t.Fatalf("Failed to read response: %v", err)
 		return MCPResponse{}
 	case <-time.After(timeout):
 		t.Fatalf("Timeout waiting for MCP response after %v", timeout)
 		return MCPResponse{}
 	}
 }
 // callTool invokes an MCP tool and returns the response (30s timeout).
 func (s *mcpSession) callTool(t *testing.T, id int, toolName string, args map[string]interface{}) MCPResponse {
 	t.Helper()
 	return s.callToolWithTimeout(t, id, toolName, args, 30*time.Second)
 }
 // callToolWithTimeout invokes an MCP tool with a custom timeout.
 func (s *mcpSession) callToolWithTimeout(t *testing.T, id int, toolName string, args map[string]interface{}, timeout time.Duration) MCPResponse {
 	t.Helper()
 	return s.sendRequestWithTimeout(t, MCPRequest{
 		JSONRPC: "2.0",
 		ID:      id,
 		Method:  "tools/call",
 		Params: map[string]interface{}{
 			"name":      toolName,
 			"arguments": args,
 		},
 	}, timeout)
 }
 // close terminates the MCP session.
 func (s *mcpSession) close() {
 	s.cancel()
 	_ = s.cmd.Wait()
 }
 // getStderr returns any captured stderr output (useful for debugging failures).
 func (s *mcpSession) getStderr() string {
 	if s.stderr == nil {
 		return ""
 	}
 	return s.stderr.String()
 }
 // initialize sends the MCP initialize request and returns the response.
 func (s *mcpSession) initialize(t *testing.T, id int) MCPResponse {
 	t.Helper()
 	return s.sendRequest(t, MCPRequest{
 		JSONRPC: "2.0",
 		ID:      id,
 		Method:  "initialize",
 		Params: map[string]interface{}{
 			"protocolVersion": "2024-11-05",
 			"capabilities":    map[string]interface{}{},
 			"clientInfo":      map[string]interface{}{"name": "test", "version": "1.0"},
 		},
 	})
 }
 // TestMCP_Initialize tests the MCP initialization handshake.
 func TestMCP_Initialize(t *testing.T) {
 	requireKubernetesCluster(t)
 	session := startMCPSession(t, getKubesharkBinary(t))
 	defer session.close()
 	resp := session.initialize(t, 1)
 	if resp.Error != nil {
 		t.Fatalf("Initialize failed: %s", resp.Error.Message)
 	}
 	var result map[string]interface{}
 	if err := json.Unmarshal(resp.Result, &result); err != nil {
 		t.Fatalf("Failed to parse result: %v", err)
 	}
 	if _, ok := result["capabilities"]; !ok {
 		t.Error("Response missing capabilities")
 	}
 	if _, ok := result["serverInfo"]; !ok {
 		t.Error("Response missing serverInfo")
 	}
 }
 // TestMCP_ToolsList_ReadOnly tests that tools/list returns only safe tools in read-only mode.
 func TestMCP_ToolsList_ReadOnly(t *testing.T) {
 	requireKubernetesCluster(t)
 	session := startMCPSession(t, getKubesharkBinary(t))
 	defer session.close()
 	session.initialize(t, 1)
 	resp := session.sendRequest(t, MCPRequest{JSONRPC: "2.0", ID: 2, Method: "tools/list"})
 	if resp.Error != nil {
 		t.Fatalf("tools/list failed: %s", resp.Error.Message)
 	}
 	var result struct {
 		Tools []struct{ Name string `json:"name"` } `json:"tools"`
 	}
 	if err := json.Unmarshal(resp.Result, &result); err != nil {
 		t.Fatalf("Failed to parse result: %v", err)
 	}
 	toolNames := make(map[string]bool)
 	for _, tool := range result.Tools {
 		toolNames[tool.Name] = true
 	}
 	if !toolNames["check_kubeshark_status"] {
 		t.Error("Missing expected tool: check_kubeshark_status")
 	}
 	if toolNames["start_kubeshark"] || toolNames["stop_kubeshark"] {
 		t.Error("Destructive tools should not be available in read-only mode")
 	}
 }
 // TestMCP_ToolsList_WithDestructive tests that tools/list includes destructive tools when flag is set.
 func TestMCP_ToolsList_WithDestructive(t *testing.T) {
 	requireKubernetesCluster(t)
 	session := startMCPSessionWithDestructive(t, getKubesharkBinary(t))
 	defer session.close()
 	session.initialize(t, 1)
 	resp := session.sendRequest(t, MCPRequest{JSONRPC: "2.0", ID: 2, Method: "tools/list"})
 	if resp.Error != nil {
 		t.Fatalf("tools/list failed: %s", resp.Error.Message)
 	}
 	var result struct {
 		Tools []struct{ Name string `json:"name"` } `json:"tools"`
 	}
 	if err := json.Unmarshal(resp.Result, &result); err != nil {
 		t.Fatalf("Failed to parse result: %v", err)
 	}
 	toolNames := make(map[string]bool)
 	for _, tool := range result.Tools {
 		toolNames[tool.Name] = true
 	}
 	for _, expected := range []string{"check_kubeshark_status", "start_kubeshark", "stop_kubeshark"} {
 		if !toolNames[expected] {
 			t.Errorf("Missing expected tool: %s", expected)
 		}
 	}
 }
 // TestMCP_CheckKubesharkStatus_NotRunning tests check_kubeshark_status when Kubeshark is not running.
 func TestMCP_CheckKubesharkStatus_NotRunning(t *testing.T) {
 	requireKubernetesCluster(t)
 	binary := getKubesharkBinary(t)
 	cleanupKubeshark(t, binary)
 	session := startMCPSession(t, binary)
 	defer session.close()
 	session.initialize(t, 1)
 	resp := session.callTool(t, 2, "check_kubeshark_status", nil)
 	if resp.Error != nil {
 		t.Fatalf("check_kubeshark_status failed: %s", resp.Error.Message)
 	}
 	var result struct {
 		Content []struct{ Text string `json:"text"` } `json:"content"`
 	}
 	if err := json.Unmarshal(resp.Result, &result); err != nil {
 		t.Fatalf("Failed to parse result: %v", err)
 	}
 	if len(result.Content) == 0 || (!strings.Contains(result.Content[0].Text, "not running") && !strings.Contains(result.Content[0].Text, "NOT")) {
 		t.Errorf("Expected 'not running' status")
 	}
 }
 // TestMCP_StartKubeshark tests the start_kubeshark tool.
 func TestMCP_StartKubeshark(t *testing.T) {
 	if testing.Short() {
 		t.Skip("Skipping in short mode")
 	}
 	requireKubernetesCluster(t)
 	binary := getKubesharkBinary(t)
 	cleanupKubeshark(t, binary)
 	t.Cleanup(func() { cleanupKubeshark(t, binary) })
 	session := startMCPSessionWithDestructive(t, binary)
 	defer session.close()
 	session.initialize(t, 1)
 	resp := session.callToolWithTimeout(t, 2, "start_kubeshark", nil, 3*time.Minute)
 	if resp.Error != nil {
 		t.Fatalf("start_kubeshark failed: %s", resp.Error.Message)
 	}
 	if !isKubesharkRunning(t) {
 		t.Error("Kubeshark should be running after start_kubeshark")
 	}
 }
 // TestMCP_StartKubeshark_WithoutFlag tests that start_kubeshark fails without --allow-destructive.
 func TestMCP_StartKubeshark_WithoutFlag(t *testing.T) {
 	requireKubernetesCluster(t)
 	session := startMCPSession(t, getKubesharkBinary(t))
 	defer session.close()
 	session.initialize(t, 1)
 	resp := session.callTool(t, 2, "start_kubeshark", nil)
 	var result struct {
 		Content []struct{ Text string `json:"text"` } `json:"content"`
 		IsError bool                                  `json:"isError"`
 	}
 	if err := json.Unmarshal(resp.Result, &result); err != nil {
 		t.Fatalf("Failed to parse result: %v", err)
 	}
 	if !result.IsError {
 		t.Error("Expected isError=true without --allow-destructive")
 	}
 }
 // TestMCP_StopKubeshark tests the stop_kubeshark tool.
 func TestMCP_StopKubeshark(t *testing.T) {
 	if testing.Short() {
 		t.Skip("Skipping in short mode")
 	}
 	requireKubernetesCluster(t)
 	binary := getKubesharkBinary(t)
 	session := startMCPSessionWithDestructive(t, binary)
 	defer session.close()
 	session.initialize(t, 0)
 	// Start Kubeshark if not running
 	if !isKubesharkRunning(t) {
 		resp := session.callToolWithTimeout(t, 1, "start_kubeshark", nil, 2*time.Minute)
 		if resp.Error != nil {
 			t.Skipf("Could not start Kubeshark: %v", resp.Error.Message)
 		}
 	}
 	resp := session.callToolWithTimeout(t, 2, "stop_kubeshark", nil, 2*time.Minute)
 	if resp.Error != nil {
 		t.Fatalf("stop_kubeshark failed: %s", resp.Error.Message)
 	}
 	time.Sleep(5 * time.Second)
 	if isKubesharkRunning(t) {
 		t.Error("Kubeshark should not be running after stop_kubeshark")
 	}
 }
 // TestMCP_StopKubeshark_WithoutFlag tests that stop_kubeshark fails without --allow-destructive.
 func TestMCP_StopKubeshark_WithoutFlag(t *testing.T) {
 	requireKubernetesCluster(t)
 	session := startMCPSession(t, getKubesharkBinary(t))
 	defer session.close()
 	session.initialize(t, 1)
 	resp := session.callTool(t, 2, "stop_kubeshark", nil)
 	var result struct {
 		IsError bool `json:"isError"`
 	}
 	if err := json.Unmarshal(resp.Result, &result); err != nil {
 		t.Fatalf("Failed to parse result: %v", err)
 	}
 	if !result.IsError {
 		t.Error("Expected isError=true without --allow-destructive")
 	}
 }
 // TestMCP_FullLifecycle tests the complete lifecycle: check -> start -> check -> stop -> check
 func TestMCP_FullLifecycle(t *testing.T) {
 	if testing.Short() {
 		t.Skip("Skipping in short mode")
 	}
 	requireKubernetesCluster(t)
 	binary := getKubesharkBinary(t)
 	cleanupKubeshark(t, binary)
 	session := startMCPSessionWithDestructive(t, binary)
 	defer session.close()
 	session.initialize(t, 1)
 	// Check -> Start -> Check -> Stop -> Check
 	if resp := session.callTool(t, 2, "check_kubeshark_status", nil); resp.Error != nil {
 		t.Fatalf("Initial status check failed: %s", resp.Error.Message)
 	}
 	if resp := session.callToolWithTimeout(t, 3, "start_kubeshark", nil, 3*time.Minute); resp.Error != nil {
 		t.Fatalf("Start failed: %s", resp.Error.Message)
 	}
 	if err := waitForKubesharkReady(t, binary, startupTimeout); err != nil {
 		t.Fatalf("Kubeshark did not become ready: %v", err)
 	}
 	if resp := session.callTool(t, 4, "check_kubeshark_status", nil); resp.Error != nil {
 		t.Fatalf("Status check after start failed: %s", resp.Error.Message)
 	}
 	if resp := session.callToolWithTimeout(t, 5, "stop_kubeshark", nil, 2*time.Minute); resp.Error != nil {
 		t.Fatalf("Stop failed: %s", resp.Error.Message)
 	}
 	time.Sleep(5 * time.Second)
 	if resp := session.callTool(t, 6, "check_kubeshark_status", nil); resp.Error != nil {
 		t.Fatalf("Final status check failed: %s", resp.Error.Message)
 	}
 }
 // TestMCP_APIToolsRequireKubeshark tests that API tools return helpful errors when Kubeshark isn't running.
 func TestMCP_APIToolsRequireKubeshark(t *testing.T) {
 	requireKubernetesCluster(t)
 	binary := getKubesharkBinary(t)
 	cleanupKubeshark(t, binary)
 	session := startMCPSession(t, binary)
 	defer session.close()
 	session.initialize(t, 1)
 	for i, tool := range []string{"list_workloads", "list_api_calls", "get_api_stats"} {
 		resp := session.callTool(t, i+2, tool, nil)
 		// Either error or helpful message is acceptable
 		if resp.Error != nil {
 			t.Logf("%s returned error (expected): %s", tool, resp.Error.Message)
 		}
 	}
 }
 // TestMCP_SetFlags tests that --set flags are passed correctly.
 func TestMCP_SetFlags(t *testing.T) {
 	requireKubernetesCluster(t)
 	session := startMCPSession(t, getKubesharkBinary(t), "--set", "tap.namespaces={default}")
 	defer session.close()
 	session.initialize(t, 1)
 	resp := session.sendRequest(t, MCPRequest{JSONRPC: "2.0", ID: 2, Method: "tools/list"})
 	if resp.Error != nil {
 		t.Fatalf("tools/list failed with --set flags: %s", resp.Error.Message)
 	}
 }
 // BenchmarkMCP_CheckStatus benchmarks the check_kubeshark_status tool.
 func BenchmarkMCP_CheckStatus(b *testing.B) {
 	if testing.Short() {
 		b.Skip("Skipping benchmark in short mode")
 	}
 	if !hasKubernetesCluster() {
 		b.Skip("Skipping: no Kubernetes cluster available")
 	}
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
 	cmd := exec.CommandContext(ctx, getKubesharkBinary(b), "mcp")
 	stdin, _ := cmd.StdinPipe()
 	stdout, _ := cmd.StdoutPipe()
 	reader := bufio.NewReader(stdout)
 	if err := cmd.Start(); err != nil {
 		b.Fatalf("Failed to start MCP: %v", err)
 	}
 	defer func() { cancel(); _ = cmd.Wait() }()
 	// Initialize
 	initReq, _ := json.Marshal(MCPRequest{
 		JSONRPC: "2.0", ID: 0, Method: "initialize",
 		Params: map[string]interface{}{
 			"protocolVersion": "2024-11-05",
 			"capabilities":    map[string]interface{}{},
 			"clientInfo":      map[string]interface{}{"name": "bench", "version": "1.0"},
 		},
 	})
 	_, _ = stdin.Write(append(initReq, '\n'))
 	_, _ = reader.ReadString('\n')
 	b.ResetTimer()
 	for i := 0; i < b.N; i++ {
 		req, _ := json.Marshal(MCPRequest{
 			JSONRPC: "2.0", ID: i + 1, Method: "tools/call",
 			Params: map[string]interface{}{"name": "check_kubeshark_status", "arguments": map[string]interface{}{}},
 		})
 		if _, err := stdin.Write(append(req, '\n')); err != nil {
 			b.Fatalf("Write failed: %v", err)
 		}
 		if _, err := reader.ReadString('\n'); err != nil {
 			b.Fatalf("Read failed: %v", err)
 		}
 	}
 }
--- a/kubernetes/consts.go
+++ b/kubernetes/consts.go
@@ -8,5 +8,5 @@ const (
 	HubServiceName             = HubPodName
 	K8sAllNamespaces           = ""
 	MinKubernetesServerVersion = "1.16.0"
-	AppLabelKey                = "app.kubeshark.co/app"
+	AppLabelKey                = "app.kubeshark.com/app"
 )
--- a/manifests/complete.yaml
+++ b/manifests/complete.yaml
@@ -4,17 +4,17 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  name: kubeshark-hub-network-policy
  namespace: default
 spec:
  podSelector:
    matchLabels:
-      app.kubeshark.co/app: hub
+      app.kubeshark.com/app: hub
  policyTypes:
    - Ingress
    - Egress
@@ -33,10 +33,10 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-front-network-policy
@@ -44,7 +44,7 @@ metadata:
 spec:
  podSelector:
    matchLabels:
-      app.kubeshark.co/app: front
+      app.kubeshark.com/app: front
  policyTypes:
    - Ingress
    - Egress
@@ -60,10 +60,10 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-dex-network-policy
@@ -71,7 +71,7 @@ metadata:
 spec:
  podSelector:
    matchLabels:
-      app.kubeshark.co/app: dex
+      app.kubeshark.com/app: dex
  policyTypes:
    - Ingress
    - Egress
@@ -87,10 +87,10 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-worker-network-policy
@@ -98,7 +98,7 @@ metadata:
 spec:
  podSelector:
    matchLabels:
-      app.kubeshark.co/app: worker
+      app.kubeshark.com/app: worker
  policyTypes:
    - Ingress
    - Egress
@@ -116,10 +116,10 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  name: kubeshark-service-account
  namespace: default
@@ -131,11 +131,11 @@ metadata:
  name: kubeshark-secret
  namespace: default
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
 stringData:
    LICENSE: ''
@@ -150,11 +150,11 @@ metadata:
  name: kubeshark-saml-x509-crt-secret
  namespace: default
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
 stringData:
  AUTH_SAML_X509_CRT: |
@@ -166,11 +166,11 @@ metadata:
  name: kubeshark-saml-x509-key-secret
  namespace: default
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
 stringData:
  AUTH_SAML_X509_KEY: |
@@ -182,10 +182,10 @@ metadata:
  name: kubeshark-nginx-config-map
  namespace: default
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
 data:
  default.conf: |
@@ -245,18 +245,18 @@ metadata:
  name: kubeshark-config-map
  namespace: default
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
 data:
    POD_REGEX: '.*'
    NAMESPACES: ''
    EXCLUDED_NAMESPACES: ''
    BPF_OVERRIDE: ''
-    STOPPED: 'false'
+    DISSECTION_ENABLED: 'true'
    SCRIPTING_SCRIPTS: '{}'
    SCRIPTING_ACTIVE_SCRIPTS: ''
    INGRESS_ENABLED: 'false'
@@ -276,36 +276,38 @@ data:
    TARGETED_PODS_UPDATE_DISABLED: ''
    PRESET_FILTERS_CHANGING_ENABLED: 'true'
    RECORDING_DISABLED: ''
-    STOP_TRAFFIC_CAPTURING_DISABLED: 'false'
+    DISSECTION_CONTROL_ENABLED: 'true'
    GLOBAL_FILTER: ""
-    DEFAULT_FILTER: "!dns and !error"
+    DEFAULT_FILTER: ""
    TRAFFIC_SAMPLE_RATE: '100'
    JSON_TTL: '5m'
-    PCAP_TTL: '10s'
+    PCAP_TTL: '0'
-    PCAP_ERROR_TTL: '60s'
+    PCAP_ERROR_TTL: '0'
    TIMEZONE: ' '
    CLOUD_LICENSE_ENABLED: 'true'
    AI_ASSISTANT_ENABLED: 'true'
    DUPLICATE_TIMEFRAME: '200ms'
-    ENABLED_DISSECTORS: 'amqp,dns,http,icmp,kafka,redis,ws,ldap,radius,diameter'
+    ENABLED_DISSECTORS: 'amqp,dns,http,icmp,kafka,redis,ws,ldap,radius,diameter,udp-flow,tcp-flow,udp-conn,tcp-conn'
    CUSTOM_MACROS: '{"https":"tls and (http or http2)"}'
    DISSECTORS_UPDATING_ENABLED: 'true'
    DETECT_DUPLICATES: 'false'
-    PCAP_DUMP_ENABLE: 'true'
+    PCAP_DUMP_ENABLE: 'false'
    PCAP_TIME_INTERVAL: '1m'
    PCAP_MAX_TIME: '1h'
    PCAP_MAX_SIZE: '500MB'
    PORT_MAPPING: '{"amqp":[5671,5672],"diameter":[3868],"http":[80,443,8080],"kafka":[9092],"ldap":[389],"redis":[6379]}'
    RAW_CAPTURE_ENABLED: 'true'
    RAW_CAPTURE_STORAGE_SIZE: '1Gi'
 ---
 # Source: kubeshark/templates/02-cluster-role.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  name: kubeshark-cluster-role-default
  namespace: default
@@ -349,10 +351,10 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  name: kubeshark-cluster-role-binding-default
  namespace: default
@@ -370,10 +372,10 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-self-config-role
@@ -408,16 +410,22 @@ rules:
    verbs:
      - create
      - get
  - apiGroups:
      - batch
    resources:
      - jobs
    verbs:
      - "*"
 ---
 # Source: kubeshark/templates/03-cluster-role-binding.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-self-config-role-binding
@@ -436,11 +444,11 @@ apiVersion: v1
 kind: Service
 metadata:
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  name: kubeshark-hub
  namespace: default
@@ -450,7 +458,7 @@ spec:
      port: 80
      targetPort: 8080
  selector:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
  type: ClusterIP
 ---
 # Source: kubeshark/templates/07-front-service.yaml
@@ -458,10 +466,10 @@ apiVersion: v1
 kind: Service
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  name: kubeshark-front
  namespace: default
@@ -471,7 +479,7 @@ spec:
      port: 80
      targetPort: 8080
  selector:
-    app.kubeshark.co/app: front
+    app.kubeshark.com/app: front
  type: ClusterIP
 ---
 # Source: kubeshark/templates/15-worker-service-metrics.yaml
@@ -479,10 +487,10 @@ kind: Service
 apiVersion: v1
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  annotations:
    prometheus.io/scrape: 'true'
@@ -491,11 +499,11 @@ metadata:
  namespace: default
 spec:
  selector:
-    app.kubeshark.co/app: worker
+    app.kubeshark.com/app: worker
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  ports:
  - name: metrics
@@ -508,10 +516,10 @@ kind: Service
 apiVersion: v1
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  annotations:
    prometheus.io/scrape: 'true'
@@ -520,11 +528,11 @@ metadata:
  namespace: default
 spec:
  selector:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  ports:
  - name: metrics
@@ -537,29 +545,29 @@ apiVersion: apps/v1
 kind: DaemonSet
 metadata:
  labels:
-    app.kubeshark.co/app: worker
+    app.kubeshark.com/app: worker
    sidecar.istio.io/inject: "false"
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  name: kubeshark-worker-daemon-set
  namespace: default
 spec:
  selector:
    matchLabels:
-      app.kubeshark.co/app: worker
+      app.kubeshark.com/app: worker
      app.kubernetes.io/name: kubeshark
      app.kubernetes.io/instance: kubeshark
  template:
    metadata:
      labels:
-        app.kubeshark.co/app: worker
+        app.kubeshark.com/app: worker
-        helm.sh/chart: kubeshark-52.8.1
+        helm.sh/chart: kubeshark-52.12.0
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.8.1"
+        app.kubernetes.io/version: "52.12.0"
        app.kubernetes.io/managed-by: Helm
      name: kubeshark-worker-daemon-set
      namespace: kubeshark
@@ -569,7 +577,7 @@ spec:
          - /bin/sh
          - -c
          - mkdir -p /sys/fs/bpf && mount | grep -q '/sys/fs/bpf' || mount -t bpf bpf /sys/fs/bpf
-          image: 'docker.io/kubeshark/worker:v52.8'
+          image: 'docker.io/kubeshark/worker:v52.12'
          imagePullPolicy: Always
          name: mount-bpf
          securityContext:
@@ -598,7 +606,11 @@ spec:
            - 'auto'
            - -staletimeout
            - '30'
-          image: 'docker.io/kubeshark/worker:v52.8'
+            - -storage-size
            - '10Gi'
            - -capture-db-max-size
            - '500Mi'
          image: 'docker.io/kubeshark/worker:v52.12'
          imagePullPolicy: Always
          name: sniffer
          ports:
@@ -619,7 +631,7 @@ spec:
          - name: TCP_STREAM_CHANNEL_TIMEOUT_SHOW
            value: 'false'
          - name: KUBESHARK_CLOUD_API_URL
-            value: 'https://api.kubeshark.co'
+            value: 'https://api.kubeshark.com'
          - name: PROFILING_ENABLED
            value: 'false'
          - name: SENTRY_ENABLED
@@ -672,7 +684,7 @@ spec:
            - -disable-tls-log
            - -loglevel
            - 'warning'
-          image: 'docker.io/kubeshark/worker:v52.8'
+          image: 'docker.io/kubeshark/worker:v52.12'
          imagePullPolicy: Always
          name: tracer
          env:
@@ -756,18 +768,18 @@ spec:
          name: root
        - name: data
          emptyDir:
-            sizeLimit: 5Gi
+            sizeLimit: 10Gi
 ---
 # Source: kubeshark/templates/04-hub-deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  labels:
-    app.kubeshark.co/app: hub
+    app.kubeshark.com/app: hub
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  name: kubeshark-hub
  namespace: default
@@ -775,17 +787,17 @@ spec:
  replicas: 1  # Set the desired number of replicas
  selector:
    matchLabels:
-      app.kubeshark.co/app: hub
+      app.kubeshark.com/app: hub
      app.kubernetes.io/name: kubeshark
      app.kubernetes.io/instance: kubeshark
  template:
    metadata:
      labels:
-        app.kubeshark.co/app: hub
+        app.kubeshark.com/app: hub
-        helm.sh/chart: kubeshark-52.8.1
+        helm.sh/chart: kubeshark-52.12.0
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.8.1"
+        app.kubernetes.io/version: "52.12.0"
        app.kubernetes.io/managed-by: Helm
    spec:
      dnsPolicy: ClusterFirstWithHostNet
@@ -800,6 +812,14 @@ spec:
            - 'warning'
            - -capture-stop-after
            - "5m"
            - -snapshot-size-limit
            - '20Gi'
            - -dissector-image
            - 'kubeshark/worker:master'
            - -dissector-cpu
            - '1'
            - -dissector-memory
            - '4Gi'
          env:
          - name: POD_NAME
            valueFrom:
@@ -814,10 +834,10 @@ spec:
          - name: SENTRY_ENVIRONMENT
            value: 'production'
          - name: KUBESHARK_CLOUD_API_URL
-            value: 'https://api.kubeshark.co'
+            value: 'https://api.kubeshark.com'
          - name: PROFILING_ENABLED
            value: 'false'
-          image: 'docker.io/kubeshark/hub:v52.8'
+          image: 'docker.io/kubeshark/hub:v52.12'
          imagePullPolicy: Always
          readinessProbe:
            periodSeconds: 5
@@ -850,6 +870,8 @@ spec:
          - name: saml-x509-volume
            mountPath: "/etc/saml/x509"
            readOnly: true
          - name: snapshots-volume
            mountPath: "/app/data/snapshots"
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
@@ -873,17 +895,20 @@ spec:
              items:
              - key: AUTH_SAML_X509_KEY
                path: kubeshark.key
      - name: snapshots-volume
        emptyDir:
          sizeLimit: 20Gi
 ---
 # Source: kubeshark/templates/06-front-deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  labels:
-    app.kubeshark.co/app: front
+    app.kubeshark.com/app: front
-    helm.sh/chart: kubeshark-52.8.1
+    helm.sh/chart: kubeshark-52.12.0
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.8.1"
+    app.kubernetes.io/version: "52.12.0"
    app.kubernetes.io/managed-by: Helm
  name: kubeshark-front
  namespace: default
@@ -891,17 +916,17 @@ spec:
  replicas: 1  # Set the desired number of replicas
  selector:
    matchLabels:
-      app.kubeshark.co/app: front
+      app.kubeshark.com/app: front
      app.kubernetes.io/name: kubeshark
      app.kubernetes.io/instance: kubeshark
  template:
    metadata:
      labels:
-        app.kubeshark.co/app: front
+        app.kubeshark.com/app: front
-        helm.sh/chart: kubeshark-52.8.1
+        helm.sh/chart: kubeshark-52.12.0
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.8.1"
+        app.kubernetes.io/version: "52.12.0"
        app.kubernetes.io/managed-by: Helm
    spec:
      containers:
@@ -912,6 +937,8 @@ spec:
              value: 'default'
            - name: REACT_APP_COMPLETE_STREAMING_ENABLED
              value: 'true'
            - name: REACT_APP_STREAMING_TYPE
              value: 'connect-rpc'
            - name: REACT_APP_AUTH_SAML_IDP_METADATA_URL
              value: ' '
            - name: REACT_APP_TIMEZONE
@@ -926,23 +953,25 @@ spec:
              value: 'true'
            - name: REACT_APP_RECORDING_DISABLED
              value: 'false'
-            - name: REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED
+            - name: REACT_APP_DISSECTION_CONTROL_ENABLED
-              value: 'false'
+              value: 'true'
            - name: 'REACT_APP_CLOUD_LICENSE_ENABLED'
              value: 'true'
            - name: 'REACT_APP_AI_ASSISTANT_ENABLED'
              value: 'true'
            - name: REACT_APP_SUPPORT_CHAT_ENABLED
-              value: 'true'
+              value: 'false'
            - name: REACT_APP_BETA_ENABLED
              value: 'false'
            - name: REACT_APP_DISSECTORS_UPDATING_ENABLED
              value: 'true'
            - name: REACT_APP_RAW_CAPTURE_ENABLED
              value: 'true'
            - name: REACT_APP_SENTRY_ENABLED
              value: 'false'
            - name: REACT_APP_SENTRY_ENVIRONMENT
              value: 'production'
-          image: 'docker.io/kubeshark/front:v52.8'
+          image: 'docker.io/kubeshark/front:v52.12'
          imagePullPolicy: Always
          name: kubeshark-front
          livenessProbe:
--- a/manifests/tls/cluster-issuer.yaml
+++ b/manifests/tls/cluster-issuer.yaml
@@ -5,7 +5,7 @@ metadata:
 spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
-    email: info@kubeshark.co
+    email: info@kubeshark.com
    privateKeySecretRef:
      name: letsencrypt-prod-key
    solvers:
--- a/mcp/README.md
+++ b/mcp/README.md
@@ -0,0 +1,204 @@
 # Kubeshark MCP Server
 [Kubeshark](https://kubeshark.com) MCP (Model Context Protocol) server enables AI assistants like Claude Desktop, Cursor, and other MCP-compatible clients to query real-time Kubernetes network traffic.
 ## Features
 - **L7 API Traffic Analysis**: Query HTTP, gRPC, Redis, Kafka, DNS transactions
 - **L4 Network Flows**: View TCP/UDP flows with traffic statistics
 - **Cluster Management**: Start/stop Kubeshark deployments (with safety controls)
 - **PCAP Snapshots**: Create and export network captures
 - **Built-in Prompts**: Pre-configured prompts for common analysis tasks
 ## Installation
 ### 1. Install Kubeshark CLI
 ```bash
 # macOS
 brew install kubeshark
 # Linux
 sh <(curl -Ls https://kubeshark.com/install)
 # Windows (PowerShell)
 choco install kubeshark
 ```
 Or download from [GitHub Releases](https://github.com/kubeshark/kubeshark/releases).
 ### 2. Configure Claude Desktop
 Add to your Claude Desktop configuration:
 **macOS**: `~/Library/Application Support/Claude/claude_desktop_config.json`
 **Windows**: `%APPDATA%\Claude\claude_desktop_config.json`
 #### URL Mode (Recommended for existing deployments)
 ```json
 {
  "mcpServers": {
    "kubeshark": {
      "command": "kubeshark",
      "args": ["mcp", "--url", "https://kubeshark.example.com"]
    }
  }
 }
 ```
 #### Proxy Mode (Requires kubectl access)
 ```json
 {
  "mcpServers": {
    "kubeshark": {
      "command": "kubeshark",
      "args": ["mcp", "--kubeconfig", "/path/to/.kube/config"]
    }
  }
 }
 ```
 or:
 ```json
 {
  "mcpServers": {
    "kubeshark": {
      "command": "kubeshark",
      "args": ["mcp"]
    }
  }
 }
 ```
 #### With Destructive Operations
 ```json
 {
  "mcpServers": {
    "kubeshark": {
      "command": "kubeshark",
      "args": ["mcp", "--allow-destructive", "--kubeconfig", "/path/to/.kube/config"]
    }
  }
 }
 ```
 ### 3. Generate Configuration
 Use the CLI to generate configuration:
 ```bash
 kubeshark mcp --mcp-config --url https://kubeshark.example.com
 ```
 ## Available Tools
 ### Traffic Analysis (All Modes)
 | Tool | Description |
 |------|-------------|
 | `list_workloads` | List pods, services, namespaces with observed traffic |
 | `list_api_calls` | Query L7 API transactions with KFL filtering |
 | `get_api_call` | Get detailed info about a specific API call |
 | `get_api_stats` | Get aggregated API statistics |
 | `list_l4_flows` | List L4 (TCP/UDP) network flows |
 | `get_l4_flow_summary` | Get L4 connectivity summary |
 | `list_snapshots` | List all PCAP snapshots |
 | `create_snapshot` | Create a new PCAP snapshot |
 | `get_dissection_status` | Check L7 protocol parsing status |
 | `enable_dissection` | Enable L7 protocol dissection |
 | `disable_dissection` | Disable L7 protocol dissection |
 ### Cluster Management (Proxy Mode Only)
 | Tool | Description | Requires |
 |------|-------------|----------|
 | `check_kubeshark_status` | Check if Kubeshark is running | - |
 | `start_kubeshark` | Deploy Kubeshark to cluster | `--allow-destructive` |
 | `stop_kubeshark` | Remove Kubeshark from cluster | `--allow-destructive` |
 ## Available Prompts
 | Prompt | Description |
 |--------|-------------|
 | `analyze_traffic` | Analyze API traffic patterns and identify issues |
 | `find_errors` | Find and summarize API errors and failures |
 | `trace_request` | Trace a request path through microservices |
 | `show_topology` | Show service communication topology |
 | `latency_analysis` | Analyze latency patterns and identify slow endpoints |
 | `security_audit` | Audit traffic for security concerns |
 | `compare_traffic` | Compare traffic patterns between time periods |
 | `debug_connection` | Debug connectivity issues between services |
 ## Example Conversations
 ```
 User: Show me all HTTP 500 errors in the last hour
 Claude: I'll query the API traffic for 500 errors.
 [Calling list_api_calls with kfl="http and response.status == 500"]
 Found 12 HTTP 500 errors:
 1. POST /api/checkout -> payment-service (500)
   Time: 10:23:45 | Latency: 2340ms
 ...
 ```
 ```
 User: What services are communicating with the database?
 Claude: Let me check the L4 flows to the database.
 [Calling list_l4_flows with dst_filter="postgres"]
 Found 5 services connecting to postgres:5432:
 - orders-service: 456KB transferred
 - users-service: 123KB transferred
 ...
 ```
 ## CLI Options
 | Option | Description |
 |--------|-------------|
 | `--url` | Direct URL to Kubeshark Hub |
 | `--kubeconfig` | Path to kubeconfig file |
 | `--allow-destructive` | Enable start/stop operations |
 | `--list-tools` | List available tools and exit |
 | `--mcp-config` | Print Claude Desktop config JSON |
 ## KFL (Kubeshark Filter Language)
 Query traffic using KFL syntax:
 ```
 # HTTP requests to a specific path
 http and request.path == "/api/users"
 # Errors only
 response.status >= 400
 # Specific source pod
 src.pod.name == "frontend-.*"
 # Multiple conditions
 http and src.namespace == "default" and response.status == 500
 ```
 ## MCP Registry
 Kubeshark is published to the [MCP Registry](https://registry.modelcontextprotocol.io/) automatically on each release.
 The `server.json` in this directory is a reference file. The actual registry metadata (version, SHA256 hashes) is auto-generated during the release workflow. See [`.github/workflows/release.yml`](../.github/workflows/release.yml) for details.
 ## Links
 - [Documentation](https://docs.kubeshark.com/en/mcp)
 - [GitHub](https://github.com/kubeshark/kubeshark)
 - [Website](https://kubeshark.com)
 - [MCP Registry](https://registry.modelcontextprotocol.io/)
 ## License
 Apache-2.0
--- a/mcp/server.json
+++ b/mcp/server.json
@@ -0,0 +1,178 @@
 {
  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
  "name": "io.github.kubeshark/mcp",
  "displayName": "Kubeshark",
  "description": "Real-time Kubernetes network traffic visibility and API analysis for HTTP, gRPC, Redis, Kafka, DNS.",
  "icon": "https://raw.githubusercontent.com/kubeshark/assets/refs/heads/master/logo/ico/icon.ico",
  "repository": {
    "url": "https://github.com/kubeshark/kubeshark",
    "source": "github"
  },
  "homepage": "https://kubeshark.com",
  "license": "Apache-2.0",
  "version": "AUTO_GENERATED_AT_RELEASE",
  "authors": [
    {
      "name": "Kubeshark",
      "url": "https://kubeshark.com"
    }
  ],
  "categories": [
    "kubernetes",
    "networking",
    "observability",
    "debugging",
    "security"
  ],
  "_note": "version and packages.fileSha256 are auto-generated at release time by .github/workflows/release.yml",
  "tags": ["kubernetes", "network", "traffic", "api", "http", "grpc", "kafka", "redis", "dns", "pcap", "wireshark", "tcpdump", "observability", "debugging", "microservices"],
  "packages": [
    {
      "registryType": "mcpb",
      "identifier": "https://github.com/kubeshark/kubeshark/releases/download/vX.Y.Z/kubeshark-mcp_darwin_arm64.mcpb",
      "fileSha256": "AUTO_GENERATED",
      "transport": { "type": "stdio" }
    },
    {
      "registryType": "mcpb",
      "identifier": "https://github.com/kubeshark/kubeshark/releases/download/vX.Y.Z/kubeshark-mcp_darwin_amd64.mcpb",
      "fileSha256": "AUTO_GENERATED",
      "transport": { "type": "stdio" }
    },
    {
      "registryType": "mcpb",
      "identifier": "https://github.com/kubeshark/kubeshark/releases/download/vX.Y.Z/kubeshark-mcp_linux_arm64.mcpb",
      "fileSha256": "AUTO_GENERATED",
      "transport": { "type": "stdio" }
    },
    {
      "registryType": "mcpb",
      "identifier": "https://github.com/kubeshark/kubeshark/releases/download/vX.Y.Z/kubeshark-mcp_linux_amd64.mcpb",
      "fileSha256": "AUTO_GENERATED",
      "transport": { "type": "stdio" }
    },
    {
      "registryType": "mcpb",
      "identifier": "https://github.com/kubeshark/kubeshark/releases/download/vX.Y.Z/kubeshark-mcp_windows_amd64.mcpb",
      "fileSha256": "AUTO_GENERATED",
      "transport": { "type": "stdio" }
    }
  ],
  "tools": [
    {
      "name": "check_kubeshark_status",
      "description": "Check if Kubeshark is currently running in the cluster. Read-only operation.",
      "mode": "proxy"
    },
    {
      "name": "start_kubeshark",
      "description": "Deploy Kubeshark to the Kubernetes cluster. Requires --allow-destructive flag.",
      "mode": "proxy",
      "destructive": true
    },
    {
      "name": "stop_kubeshark",
      "description": "Remove Kubeshark from the Kubernetes cluster. Requires --allow-destructive flag.",
      "mode": "proxy",
      "destructive": true
    },
    {
      "name": "list_workloads",
      "description": "List pods, services, namespaces, and nodes with observed L7 traffic.",
      "mode": "all"
    },
    {
      "name": "list_api_calls",
      "description": "Query L7 API transactions (HTTP, gRPC, Redis, Kafka, DNS) with KFL filtering.",
      "mode": "all"
    },
    {
      "name": "get_api_call",
      "description": "Get detailed information about a specific API call including headers and body.",
      "mode": "all"
    },
    {
      "name": "get_api_stats",
      "description": "Get aggregated API statistics and metrics.",
      "mode": "all"
    },
    {
      "name": "list_l4_flows",
      "description": "List L4 (TCP/UDP) network flows with traffic statistics.",
      "mode": "all"
    },
    {
      "name": "get_l4_flow_summary",
      "description": "Get L4 connectivity summary including top talkers and cross-namespace traffic.",
      "mode": "all"
    },
    {
      "name": "list_snapshots",
      "description": "List all PCAP snapshots.",
      "mode": "all"
    },
    {
      "name": "create_snapshot",
      "description": "Create a new PCAP snapshot of captured traffic.",
      "mode": "all"
    },
    {
      "name": "get_dissection_status",
      "description": "Check L7 protocol parsing status.",
      "mode": "all"
    },
    {
      "name": "enable_dissection",
      "description": "Enable L7 protocol dissection.",
      "mode": "all"
    },
    {
      "name": "disable_dissection",
      "description": "Disable L7 protocol dissection.",
      "mode": "all"
    }
  ],
  "prompts": [
    { "name": "analyze_traffic", "description": "Analyze API traffic patterns and identify issues" },
    { "name": "find_errors", "description": "Find and summarize API errors and failures" },
    { "name": "trace_request", "description": "Trace a request path through microservices" },
    { "name": "show_topology", "description": "Show service communication topology" },
    { "name": "latency_analysis", "description": "Analyze latency patterns and identify slow endpoints" },
    { "name": "security_audit", "description": "Audit traffic for security concerns" },
    { "name": "compare_traffic", "description": "Compare traffic patterns between time periods" },
    { "name": "debug_connection", "description": "Debug connectivity issues between services" }
  ],
  "configuration": {
    "properties": {
      "url": {
        "type": "string",
        "description": "Direct URL to Kubeshark Hub (e.g., https://kubeshark.example.com). When set, connects directly without kubectl/proxy.",
        "examples": ["https://kubeshark.example.com", "http://localhost:8899"]
      },
      "kubeconfig": {
        "type": "string",
        "description": "Path to kubeconfig file for proxy mode.",
        "examples": ["~/.kube/config", "/path/to/.kube/config"]
      },
      "allow-destructive": {
        "type": "boolean",
        "description": "Enable destructive operations (start_kubeshark, stop_kubeshark). Default: false for safety.",
        "default": false
      }
    }
  },
  "modes": {
    "url": {
      "description": "Connect directly to an existing Kubeshark deployment via URL. Cluster management tools are disabled.",
      "args": ["mcp", "--url", "${url}"]
    },
    "proxy": {
      "description": "Connect via kubectl port-forward. Requires kubeconfig access to the cluster.",
      "args": ["mcp", "--kubeconfig", "${kubeconfig}"]
    },
    "proxy-destructive": {
      "description": "Proxy mode with destructive operations enabled.",
      "args": ["mcp", "--kubeconfig", "${kubeconfig}", "--allow-destructive"]
    }
  }
 }
--- a/misc/consts.go
+++ b/misc/consts.go
@@ -10,8 +10,8 @@ var (
 	Software       = "Kubeshark"
 	Program        = "kubeshark"
 	Description    = "The API Traffic Analyzer for Kubernetes"
-	Website        = "https://kubeshark.co"
+	Website        = "https://kubeshark.com"
-	Email          = "info@kubeshark.co"
+	Email          = "support@kubeshark.com"
 	Ver            = "0.0.0"
 	Branch         = "master"
 	GitCommitHash  = "" // this var is overridden using ldflags in makefile when building