fatcousin
// artifact family

zero-trust / sase access forensics

10 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.

tools
10
catalog slugs
10
processing
local · in browser

tools in this family

ordered as in the forensics catalog. every tool runs locally — no upload, no account.

  1. zscaler zia web log forensic analyzerdrop zscaler zia web log export · parse url category + policy + user · runs locally
  2. zscaler zpa app connector log forensic analyzerdrop zscaler zpa connector log · parse app segment + broker + session · runs locally
  3. cloudflare access audit log forensic analyzerdrop cloudflare access audit export · parse app + identity + device posture · runs locally
  4. palo alto prisma access log forensic analyzerdrop prisma access log export · parse gateway + app + risk score · runs locally
  5. cisco umbrella dns security log forensic analyzerdrop umbrella dns log export · parse category + identity + block/allow · runs locally
  6. netskope cloud access security log forensic analyzerdrop netskope casb log export · parse app + activity + dlp hits · runs locally
  7. okta device trust posture log forensic analyzerdrop okta device trust export · parse posture checks + managed vs unmanaged · runs locally
  8. microsoft entra conditional access log forensic analyzerdrop entra ca sign-in export · parse grant/block + policy id + risk · runs locally
  9. tailscale wireguard session log forensic analyzerdrop tailscale admin audit + flow log · parse node + acl + exit node use · runs locally
  10. zero trust access anomaly correlatordrop 2+ sase/zero-trust exports · correlate user + app + geo mismatch · runs locally
ready