- Telecom protocols
- NGAP, PFCP, GTP-U, F1AP, E1AP, XnAP, E2AP, SCTP, Diameter, RADIUS, SIP, SBI HTTP/2, NAS5G, M3UA, IKEv2
- Network functions
- AMF, SMF, UPF, NRF, PCF, CU, DU, RIC, MME, SGW, PGW, HSS, IMS, Diameter, RADIUS, SIGTRAN
- User plane state
- PFCP sessions, SEIDs, PDRs, FARs, URRs, heartbeats, GTP-U TEIDs, tunnel churn, tunnel floods, peer drift
- Open RAN evidence
- E2, O1, O2, xApp, rApp, Near RT RIC, KPM, management peers, rogue RIC, public peer exposure, WG11 mapping
- Runtime forensics
- Process lineage, behavioral fingerprints, fleet correlation, shell sessions, network connections, protocol captures
- CNF security
- Pod inventory, posture findings, image digests, network policies, reconstructed YAML, admission decisions
- Vulnerability exposure
- Image discovery, Trivy scanning, CVE counts, CycloneDX export, affected hosts, private registry support
- AI assisted analysis
- 44 structured tools over events, fleet, alerts, anomalies, telecom inventory, tunnels, SLOs, SBOM, and correlation