// artifact family
cnapp / cloud-native security forensics
10 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.
tools in this family
ordered as in the forensics catalog. every tool runs locally — no upload, no account.
- aqua security cnapp alert forensic analyzerdrop aqua cnapp alert export · parse workload + image + policy · runs locally
- sysdig secure cloud threat forensic analyzerdrop sysdig threat export · parse container + rule + severity · runs locally
- trend micro cloud one alert forensic analyzerdrop cloud one alert export · parse workload + compliance + action · runs locally
- checkpoint cloudguard dome9 forensic analyzerdrop cloudguard dome9 export · parse asset + rule + risk · runs locally
- palo alto prisma cloud compute graph forensic analyzerdrop prisma compute graph export · parse workload + exposure + path · runs locally
- cnapp container escape detectordrop cnapp runtime export · detect container escape indicators · runs locally
- cnapp public exposure burst detectordrop cnapp exposure export · detect burst public service exposure · runs locally
- cnapp workload privilege escalation detectordrop cnapp runtime export · detect privilege escalation in workloads · runs locally
- multi cnapp cloud risk correlatordrop 2+ cnapp risk exports · unified cloud risk timeline graph · runs locally
- cross cnapp identity workload correlatordrop cnapp + iam exports · correlate workload owner to active accounts · runs locally