// artifact family
service mesh security forensics
10 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.
tools in this family
ordered as in the forensics catalog. every tool runs locally — no upload, no account.
- istio telemetry access log forensic analyzerdrop istio telemetry export · parse source + destination + response code · runs locally
- istio envoy sidecar log forensic analyzerdrop envoy sidecar log export · parse cluster + route + upstream · runs locally
- linkerd proxy access log forensic analyzerdrop linkerd proxy log export · parse dst + src + tls status · runs locally
- consul service mesh intention forensic analyzerdrop consul intention export · parse source + destination + action · runs locally
- kuma mesh traffic log forensic analyzerdrop kuma traffic log export · parse mesh + service + protocol · runs locally
- service mesh mtls bypass detectordrop mesh access log export · detect plaintext/mtls downgrade paths · runs locally
- service mesh unauthorized route detectordrop mesh route export · detect routes without authz policy · runs locally
- sidecar injection anomaly detectordrop mesh workload export · detect missing/unexpected sidecar injection · runs locally
- multi service mesh traffic timeline correlatordrop 2+ mesh traffic exports · unified service call timeline graph · runs locally
- cross service mesh identity correlatordrop mesh + iam exports · correlate spiffe/workload identity to accounts · runs locally