Request Case Review

Data Exfiltration Pattern Detector

Upload a forensic timeline and automatically detect suspicious patterns consistent with unauthorized data removal, staged collection, cloud transfer, email exfiltration, or print/export activity.

USB / Removable Media Staged Collection Cloud / Web Upload Email Exfiltration Print / Export

Get ranked findings, confidence labels, and short review-ready summaries.

Start a Local Scan

Upload Timeline

Upload a timeline to detect exfiltration patterns.

Drop a CSV timeline here or choose a file to begin scanning.

Analysis runs locally in your browser. No timeline data is sent to a backend.

Upload a timeline to detect exfiltration patterns

This scanner automatically checks for removable media transfer, staged collection, cloud upload, email exfiltration, and print/export activity.

Supports CSV timeline files. Large files may take longer to analyze.

Awaiting file upload.

Upload a timeline file and run scan to begin analysis.

Large files may take a moment.

    Status: Idle

    Scan Diagnostics

    Live stage timings for local scan performance.

    Stage Status Time Details

    This detector is designed specifically for exfiltration-related matters, including employee misconduct, trade secret theft, unauthorized copying, cloud transfer, and suspicious file staging.

    Try a Real Scenario

    Use sample matter datasets to evaluate issue spotting, sequence reconstruction, and chronology reliability.

    Featured Scenario

    Data Leakage Case

    A realistic digital evidence scenario involving sensitive file handling, cloud or removable media activity, communications, and possible data movement.

    Scenario

    Hacking / Access Case

    A scenario focused on access-related behavior useful for testing authentication, endpoint, and sequence interpretation patterns.

    Build: 6860b7b · 2026-05-06T17:55:53Z