Collected sources and patterns will appear here. Add from search, explore, or the patterns library.
LiveEndpointReference -> LightweightContainer
Collect critical system artifacts from live endpoints or hypervisors into a compressed container without causing file lock contention.
Problem it solves
Forensics collection on live machines fails when files are locked by the OS or active processes.
Consumes
Emits
The real projects this mechanism was found in. Attribution is the point — this is how the best teams actually do it.