// artifact family
ot / ics visibility platform forensics
10 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.
tools in this family
ordered as in the forensics catalog. every tool runs locally — no upload, no account.
- claroty ctd alert export forensic analyzerdrop claroty alert export · parse asset + alert type + severity · runs locally
- dragos platform incident export forensic analyzerdrop dragos incident export · parse asset + technique + stage · runs locally
- nozomi networks alert log forensic analyzerdrop nozomi alert export · parse node + protocol + risk · runs locally
- armis asset activity log forensic analyzerdrop armis activity export · parse device + behavior + policy · runs locally
- tenable ot asset discovery export forensic analyzerdrop tenable.ot export · parse asset + vulnerability + zone · runs locally
- ot visibility rogue device detectordrop ot asset inventory export · detect unauthorized ics devices · runs locally
- ot protocol anomaly burst detectordrop ot visibility event export · detect burst protocol anomalies · runs locally
- ics zone bypass anomaly detectordrop ot segmentation log export · detect cross-zone communication · runs locally
- multi ot visibility timeline correlatordrop 2+ ot visibility exports · unified ics alert timeline graph · runs locally
- cross ot visibility network correlatordrop ot visibility + network flow exports · correlate asset to ip/mac · runs locally