Technical findings on AI tool artifact persistence, browser forensics, and what the data shows when you look past the UI. Verifiable by any practitioner with Chrome installed.
Three categories of forensic artifacts persist on Windows endpoints after an employee uses a browser-based AI tool and deletes the session. This paper documents what they are, where they live on disk, and what each one proves — with a step-by-step verification guide so any practitioner can confirm the findings on their own machine.
Edge cases, macOS artifact paths, and enterprise MDM blind spots. Follow on LinkedIn or check back.
The research shows what the artifacts contain. An audit shows what's in your environment — deleted conversations, shadow AI accounts, and data already in vendor training pipelines.