Learn What Your Plugins Are Really Doing With PluginsMonitorFree


SaschArt releases PluginsMonitorFree, a freeware tool to check the security of your VST plugins.

I’m a former cybersecurity specialist by trade. It is a high-stress field of work, as I’m sure any current professional will attest. So, it certainly piqued my interest to see something security oriented for music production.

PluginsMonitorFree is a bit like WireShark, but for VSTs, if that makes sense.

It won’t help you make your next great hit, nor will it let you get the perfect compressed sound on a snare. However, it shows you what is happening in the background when you run things in your DAW.

PluginsMonitor effectively begins tracking the core functions of a plugin on load. While your plugin is running, PluginsMonitorFree is also running and analyzing every single call and action it performs.

I used u-he Diva as my test example when trying PluginsMonitorFree. U-he is a reputable developer, so it was certain that I won’t find any security issues with their flagship plugin.

Even so, I was interested to see what resources were loaded and any network communications that might have occurred.

Anyway, I’ve had Diva registered for years, and just as expected, I saw no unusual network traffic. TAL-U-NO-LX analysis was just as dull, with no juicy red flags thrown up while in use.

That said, PluginsMonitorFree could shed new light on some free plugins that might be too good to be true. At the very least, it’ll help you understand what is happening with your system.

PluginsFreeMonitor also supports logging, which I’m a massive fan of. You don’t always have time to read over every action a plugin might take. However, logs are an invaluable resource if you’re cut from the same cloth as others in the IT trade.

If there is a complaint to be leveled at PluginsMonitorFree, it is a simple fact that the software is Windows-only. I’m a recent Mac convert, and I would love to see a utility like this readily available for Silicon devices.

That said, you’ll need a Windows machine running either a 32-bit or 64-bit version of Windows to function. Supported plugin formats are VST2 and VST3.

PluginsMonitorFree isn’t your average utility, but it is useful if you’ve ever been curious about what your plugins are doing in the background.

We always recommend scanning all VST plugins with your favorite anti-malware tool before installation. PluginsMonitorFree can be the next step to ensuring your DAW is 100% clean and safe.

And if you like handy utility tools for music producers, check out the recently released Audio Plugin Uninstaller for macOS.

Download: PluginsMonitorFree (FREE)


Share this article. ♥️

About Author

Avatar photo

Liam is a producer, mixing engineer, and compressor aficionado. When not mixing, he can be found pretending to play guitar, as he has been doing for the last 20 years.


      • They also actually create log files so it is not so difficult to see what they are doing. I know this as I once opened a ticket with them and they pointed me to the location of the logs. And while the support could not find it out I then actually was able to fix the issue myself with the help of the logs.

    • Definitely! Waves Audio is situated in the same country which is infamous for “cyber security” companies like (NSO Group / Pegasus). If anyone is still using Wares (please don’t) it would also be interesting to now what is going on!

    • They’re wasting precious space on your HD — space that could be used for much better plugins that don’t require WAP, Waves Central, or their annoying plugin wrapper.

  1. There will not be a Mac version: “Unfortunately, Apple OS’s security system doesn’t support cross-module scanning. This system has a drawback: plugins cannot be scanned and there is no security checking in compensation. So PluginsMonitor cannot work on this operating system.”

  2. Michal Ochedowski


    I would put this type of software in the distraction category, but on the other hand can’t really fault the general concept. It might be a great tool for more curious users.

  3. I am quite interested in what plugins are doing when installed.

    I realized recently that IK Multimedia for instance store downloaded zip file of the installers in an obscure folder, instead of deleting it after installation has been completed.

    Getting rid of that got me back some gigabytes precious harddrive space

    • Bruno de Souza Lino


      That obscure folder on Windows is located at “C:\Users\\Documents\IK Multimedia\IK Product Manager.” Really obscure place.

  4. William, VirusTotal has 5 detections for the 32bit version and 3 for the 64bit vst and 64bit vst3 versions of this plugin. As a cybersecurity expert can you please confirm that this is normal and expected precisely because of the specific nature of this tool and what it has access to within the OS?

    • I see 2 detections on the 64bit, neither by reputable anti-virus companies, and 5 on the 32bit, but all AI machine learning ‘guesses’, which are nearly-almost false positives.

  5. Cool! I’m getting this. Now how should I check that this SaschArt monitor is secure? (Maye I can learn WireShark?)
    But yeah, I am glad there is something like this.

  6. electric butterfly


    It’s possible to block the internet access per plugin and let the DAW connect to the internet as well as other plugins.

    This is excellent! With my firewall I can’t do that, just block everything.

  7. This program is great, will be my first security option because it’s dedicated to audio plugins. I can’t believe it’s free.

  8. I’m curious why Vital sends so much data to their server. It’s obvious that not only my login email and password are sent.

  9. I tested it myself, this plugin can do what other security systems can’t…

    Antivirus programs are zero until a program is flagged as malware. Who scans the audio plugins on time? Anyway, it takes a long time.

    WireShark is not able to says which plugin connects to the internet so it’s useless.

    Can we block a plugin with a firewall?

    This does not have these limitations.

  10. It seems to me a welcome premiere, we are forced to take into account the security of our DAW.

    Before that, it was not even known that the guys from Orbs send the data with the musicians’ work on their server.

    Thanks for sharing.

Leave A Reply