// tool reference · Monitoring & Detection
Suspicious Pattern Analyzer Free + Pro
AI-assisted scoring of logs and payloads for suspicious, signature-less patterns.
Open Suspicious Pattern Analyzer →
What it does
Behavioural anomaly detection for activity that has no signature yet. Instead of matching known-bad, it looks for shapes that are wrong: timing regularity, entropy, sequence and volume anomalies.
When to use it
- Something feels wrong but nothing matched a rule.
- You suspect beaconing, living-off-the-land activity, or a novel pattern.
Inputs
Field names are the actual form parameters, verified against source.
| Field | Type | Required | Notes |
|---|---|---|---|
| sample | textarea | required | The activity sample — logs, process lines, connection records. |
| source_type | select | optional | What the sample is, to guide parsing. |
| use_ai | checkbox | optional | Add AI interpretation over the deterministic findings. |
| authorized | checkbox | required | Confirm you are authorised to analyse this data. |
What you get back
Ranked anomalies with the statistical reason each was flagged.
How it works
Deterministic statistics first (entropy, interval regularity, frequency); optional AI narrative second.
Privacy
Analysed in memory. Not persisted.
Standards
MITRE ATT&CKNIST CSF (DE.CM)
Related tools
Log Analyzer
Paste logs to detect brute-force, privilege escalation and malware indicators with MITRE mapping.
AI Network Traffic Analyzer
Paste connection logs to detect C2 beaconing, port scans, risky-port use, and possible exfiltration.
AI Detection-Engineering Studio
Turn a threat description or log sample into a Sigma detection rule, a SIEM query, false-positive tuning, and test cases.