The New Way to Investigate Intrusions
Cyber Triage is an automated digital forensics tool and Incident Response (DFIR) software that allows cybersecurity professionals like you to quickly answer intrusion questions related to:
It uses host-based data, scoring, advanced analytics, and a recommendation engine to ensure your investigations are fast and comprehensive.
The Leader in DFIR Artifact Scoring
Cyber Triage is the only DFIR tool that will:
- Score artifacts to ensure you quickly focus on relevant data
- Scan executables with 40+ malware detection engines
- Deploy in challenging environments where agents can’t be used
- Recommend artifacts to ensure you follow up on all leads
SOCs, MSSPs, consultants, and law enforcement all use these features to answer their hard investigative questions, such as “What did the attacker do?” and “How did they get in?”.
Complete Your Investigations Faster
Speed is critical to ensure you get the evidence before it is overwritten and you minimize the damage an attacker can do.
Cyber Triage digital forensics tool maximizes your artifacts per second by:
- Identifying the artifacts that are relevant and showing them first.
- Recommending artifacts so that you quickly follow all leads.
- Integrating with SIEMs so that collections start ASAP.
Conduct more Comprehensive Investigations
Investigations need to be comprehensive to understand the full scope of the incident and remove the persistence mechanisms.
Cyber Triage gives you breadth by:
- Collecting dozens of artifact types based on numerous attack scenarios.
- Analyzing executables with 40+ malware scanning engines.
- Updating collection methods and heuristics based on threat intel
Investigations using Cyber Triage have four basic steps:
- Data is collected using an agentless collection tool that sends artifacts over the network, to USB, or S3.
- Artifacts are analyzed and scored using threat intelligence. Correlations are made between hosts.
- Responders review the artifacts and dive deeper based on what questions they need to answer.
- Additional hosts are collected from and added to the incident.
Cyber Triage has been designed to work in any scenario a Cyber First Responder finds themselves in. It can run on a laptop, the cloud, or an on-premise server.
Who Created Cyber Triage?
This digital forensics tool was created by the same developers at Basis Technology who were responsible for Autopsy and The Sleuth Kit.
Basis Technology believes in making the jobs of those on the front lines easier by making software that is automated and easy to use.
The company understands that it can’t decrease first responders’ responsibilities, but it can make digital forensics as easy and effective as possible – and that is exactly what it is doing through hard work and innovation.
Trusted by global organizations committed to security
What Could Happen
If You Don’t Get Cyber Triage?
Cyber attacks are on the rise, and the likelihood of your company experiencing an attack is high. According to Microsoft, each data breach costs an average company $3.8 million. Plus, 60% of smaller companies are out of business within a year of a cyber-attack!
Not having Cyber Triage could mean intruders can stay in your system longer, accessing valuable data and inflicting more damage.
To limit the damage and ensure the effectiveness of your investigations, get Cyber Triage today.
Faster Forensics For Even Faster Remediation With Cyber Triage Digital Forensics Tool
Plans start as low as $208/month for unlimited support and 4000 daily scans with ReversingLabs.
Answering Intrusion Questions is Hard
Intrusion investigations are amongst the most difficult for digital forensic investigators because there are so many types of evidence to look for.
Our Divide and Conquer DFIR Process helps investigators answer these hard questions by breaking them into smaller questions.
Learn more in our 3-hour course.
Cyber Triage was built on these concepts.