Forge
The normalization engine that turns raw evidence into structured investigations.
"Forge turns raw evidence into structured investigation"
The normalization engine that turns raw evidence into structured investigations.
Forge is the second pillar of the PowerForensics ecosystem. It acts as the critical bridge between evidence collection (PowerTriage) and advanced analysis (Chronos and Nexus).
Without normalization, data is just noise. Forge processes heterogeneous logs and transforms them into a unified format (JSON) ready for visualization and correlation.
Originally conceived as a support component, Forge has evolved to become the central processing engine, ensuring that every piece of evidence has its place in the timeline and relationship graph.
Converts disparate formats (Syslog, EVTX, JSON, CSV and cloud logs) into a common structure understandable by the analysis platform.
Open and free version focused on AWS CloudTrail log processing. Ideal for cloud incidents and learning.
Full Multi-Cloud support: AWS, Azure, Microsoft 365, and Google Cloud Platform (GCP). Designed for complex enterprise environments.
Directly feeds Chronos for timelines and Nexus for relationship graphs, eliminating the need for manual data conversion.