drop evtx csvs · tool detection exports · ioc lists · automatically map observed behaviors to att&ck techniques · generate navigator layer json · visualize technique coverage · export for att&ck navigator · runs locally
drop evtx csvs · local only
heuristic screener · vendor schema varies · not definitive proof