Practical Endpoint Response

Automated incident response software that any company can use to investigate its alerts.

Agentless: Easier to deploy than EDR
Automated: Easier to use than command lines
Thorough: More complete than antivirus
Practical: Designed for non-forensics experts

Trusted by U.S. Federal Law Enforcement and Expert Investigators

Investigate Your Endpoints

When your SIEM or detection system generates an alert, you need to investigate endpoints to determine severity and scope. Cyber Triage integrates with your SIEM, orchestration, or ticketing system to give your cyber first responders the endpoint visibility they need to make decisions and remediate.

An alert is generated from a SIEM or detection system

An analyst is assigned in a ticketing system

Cyber Triage is deployed to the endpoint

Severity is determined and the incident is remediated

Why Cyber Triage?

Every organization needs a cyber first response that is more thorough than simply relying on a single antivirus scan, which misses new malware and doesn’t detect compromised user accounts.

Faster than Ad-hoc Approaches

Command line tools are time consuming and error prone. Cyber Triage’s automated techniques and backend database allow you to more quickly collect, analyze, and interpret results.

Easier to Deploy than Agent-based Systems

Deploying agents can be expensive and time consuming. Cyber Triage’s agentless approach means fewer approvals and works when the security team does not have administrator privileges.

Simpler than Forensic Tools

Forensic tools are hard to use for the average security team and have features that won’t be used. Cyber Triage’s focus on the triage step means a simpler interface and a lower price.

How Does Cyber Triage Work?

Cyber Triage investigates the endpoint by pushing the collection tool over the network, collecting relevant data, and analyzing it for malware and suspicious activity.

A new session is created in Cyber Triage

The collection tool is sent to the endpoint over network or USB

Volatile, registry, and file data are collected

The automated analysis finds malware and known indicators

Suspicious data is flagged to help the analyst make decisions
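As an added illustration of the collect, analyze and flag flow described above, here is a small Python sketch of the last two steps: collected artifacts are hashed and compared against a known-indicator set, then run through a couple of simple heuristics so that items with no indicator match can still be surfaced for the analyst. This is example code, not Cyber Triage's own; the indicator value, the heuristics and the sample artifacts are all constructed for the demonstration.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed known-bad indicator: the SHA-256 of a made-up byte string.
# A real workflow would load indicators from a threat-intel feed or an earlier case.
KNOWN_BAD_SHA256 = {hashlib.sha256(b"constructed-malware-sample").hexdigest()}

# Locations a standard user can write to; processes or persistence entries that
# execute from here deserve a look even without an indicator match.
USER_WRITABLE_PREFIXES = ("c:\\users\\", "c:\\windows\\temp\\", "c:\\programdata\\")

# Binary names that belong in System32; the same name elsewhere is a classic masquerade.
SYSTEM32_ONLY_NAMES = ("svchost.exe", "lsass.exe", "csrss.exe")


@dataclass
class Artifact:
    kind: str                 # "process", "runkey" or "file"
    path: str                 # path as it would be collected from the endpoint
    content: bytes            # file bytes, constructed here so the demo hashes offline
    findings: list = field(default_factory=list)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def analyze(artifact: Artifact) -> list:
    """Attach findings to one collected artifact and return them."""
    artifact.findings = []                      # make repeated analysis idempotent
    p = artifact.path.lower()
    if sha256_hex(artifact.content) in KNOWN_BAD_SHA256:
        artifact.findings.append("sha256 matches known indicator")
    if artifact.kind in ("process", "runkey") and p.startswith(USER_WRITABLE_PREFIXES):
        artifact.findings.append("executes from user-writable location")
    name = p.rsplit("\\", 1)[-1]
    if (artifact.kind == "process" and name in SYSTEM32_ONLY_NAMES
            and not p.startswith("c:\\windows\\system32\\")):
        artifact.findings.append("system binary name outside System32")
    return artifact.findings


def triage(artifacts) -> dict:
    """Bucket artifacts: known_bad (indicator hit), suspicious (heuristic only), clean."""
    result = {"known_bad": [], "suspicious": [], "clean": []}
    for a in artifacts:
        findings = analyze(a)
        if any("known indicator" in f for f in findings):
            result["known_bad"].append(a.path)
        elif findings:
            result["suspicious"].append(a.path)
        else:
            result["clean"].append(a.path)
    return result


# Constructed sample of what a collector might bring back from one endpoint.
SAMPLE_ARTIFACTS = [
    Artifact("process", r"C:\Windows\System32\svchost.exe", b"legit-svchost"),
    Artifact("process", r"C:\Users\alice\AppData\Local\Temp\svchost.exe", b"dropped-copy"),
    Artifact("runkey", r"C:\ProgramData\update.exe", b"constructed-malware-sample"),
    Artifact("file", r"C:\Users\alice\Documents\report.docx", b"docx-bytes"),
]

if __name__ == "__main__":
    summary = triage(SAMPLE_ARTIFACTS)
    for bucket, paths in summary.items():
        print(f"{bucket}: {paths}")
    for a in SAMPLE_ARTIFACTS:
        if a.findings:
            print(a.path, "->", "; ".join(a.findings))
```

The split between "known_bad" and "suspicious" mirrors the two outputs the page describes: indicator matches are decisions the tool can make on its own, while heuristic hits are only flagged so the analyst decides what they mean in context.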

Built By Forensics Experts

Cyber Triage was built by forensics experts so that you don’t have to be one. Basis Technology builds custom and open source digital forensics tools for thousands of worldwide users. Our customers include law enforcement, government agencies, consultants, and corporate investigators.

By building forensics tools for over 15 years, such as Autopsy and The Sleuth Kit, we have knowledge and experience with processing large amounts of data and looking for evidence. We use these tools within Cyber Triage to give you the best results.

Built for Any Cyber First Responder

Cyber Triage was built for the incident response needs of any organization:

  • Internal Teams investigate alerts from SIEMs.
  • MSSPs investigate client endpoints based on network traffic.
  • Consultants allow clients to do their own basic response.
  • Law Enforcement ensures consistent analysis from all agents.

Simplify Your Incident Response. Try Cyber Triage.