Practical Endpoint Response
Automated incident response software any company can use to investigate their alerts.
Agentless: Easier to deploy than EDR
Automated: Easier to use than command lines
Thorough: More complete than antivirus
Practical: Designed for non-forensics experts
Trusted by U.S. Federal Law Enforcement and Expert Investigators
Investigate Your Endpoints
When your SIEM or detection system generates an alert, you need to investigate endpoints to determine severity and scope. Cyber Triage integrates with your SIEM, orchestration, or ticketing system to give your cyber first responders the endpoint visibility they need to make decisions and remediate.
An alert is generated from a SIEM or detection system
An analyst is assigned in a ticketing system
Cyber Triage is deployed to the endpoint
Severity is determined and the incident is remediated
Why Cyber Triage?
Every organization needs a cyber first response that is more thorough than simply relying on a single antivirus scan, which misses new malware and doesn’t detect compromised user accounts.
Faster than
Ad-hoc Approaches
Command line tools are time consuming and error prone. Cyber Triage’s automated techniques and backend database allow you to more quickly collect, analyze, and interpret results.
Easier to Deploy than
Agent-based Systems
Deploying agents can be expensive and time consuming. Cyber Triage’s agentless approach means fewer approvals and works when the security team does not have administrator privileges.
Simpler than
Forensic Tools
Forensic tools are hard to use for the average security team and have features that won’t be used. Cyber Triage’s focus on the triage step means a simpler interface and a lower price.
How Does Cyber Triage Work?
Cyber Triage investigates the endpoint by pushing the collection tool over the network,
collecting relevant data, and analyzing it for malware and suspicious activity.
A new session is created in Cyber Triage
The collection tool is sent to the endpoint over network or USB
Volatile, registry, and file data are collected
The automated analysis finds malware and known indicators
Suspicious data is flagged to help the analyst make decisions
Built By Forensics Experts
Cyber Triage was built by forensics experts so that you don’t have to be one. Basis Technology builds custom and open source digital forensics tools for thousands of worldwide users. Our customers include law enforcement, government agencies, consultants, and corporate investigators.
By building forensics tools for over 15 years, such as Autopsy and The Sleuth Kit, we have knowledge and experience with processing large amounts of data and looking for evidence. We use these tools within Cyber Triage to give you the best results.
Built for Any Cyber First Responder
Cyber Triage was built for the incident response needs of any organization:
- Internal Teams investigate alerts from SIEMs.
- MSSPs investigate client endpoints based on network traffic.
- Consultants allow clients to do their own basic response.
- Law Enforcement ensure consistent analysis from all agents.