Product

AxoDen Forensic Intelligence

AxoDen Forensic Intelligence sits between SIEM or SOAR inputs and the analyst workflow, applies deterministic triage and kernel admission, and emits replayable campaign-level forensic artefacts.

Operational middleware

Forensic middleware for replayable, audit-grade SOC investigation packages.

The product should be presented as forensic middleware that complements existing SOC tooling rather than trying to replace SIEM or SOAR platforms.

What it does

  • Processes JSON, CEF, LEEF, and Syslog-style telemetry into a deterministic staged forensic pipeline.
  • Uses kernel admission and ARV gates before enrichment and reporting paths.
  • Emits ledgers, reports, graphs, manifests, and campaign-level investigation bundles with explicit claim labels.

Deployment surface

  • CLI execution for local or batch forensic runs.
  • API mode for middleware-style integration.
  • Dockerized runtime for controlled operational deployment.

At a glance

  • Primary role: Forensic middleware
  • Core output model: Multi-ledger artifacts
  • Runtime surfaces: CLI + API + Docker

Safe public claims

  • Deterministic-first forensic middleware for SOC telemetry.
  • Replayable and inspectable evidence chain with graph-native campaign reasoning.
  • Bounded assistive generation where LLM components are present.

Current claim boundary

  • Do not market it as a SIEM or SOAR replacement.
  • Keep LLM assistance explicitly non-authoritative.
  • Frame it as middleware and investigation support, not a generic alert summarizer.