Intro to incident response triage (Divide & Conquer approach)
Cyber Triage integrations
- ReversingLabs Integration Improves Malware Scanning
- Use of PsExec That Doesn’t Reveal Password Hashes
- Volatility integration in Cyber Triage to Analyze Memory
- Search For Advanced Malware In Cyber Triage Using Yara Rules
- Integrate with Splunk for Faster Alert Triage
- Phantom Integration Allows for Faster Responses.
Cyber Triage releases
- Detect Exchange WebShells (2.14.4)
- Upload to S3 with Temporary Creds (2.14.3)
- Solarwinds Features (2.14.2)
- Upload Your DFIR Artifacts to S3 (2.14)
- Feedback-Driven Upgrades (2.13.1)
- Offline Malware Scanning (2.13)
- Online File Reputation Service (2.12)
- Investigation History, Timeline Filtering, and More (2.11)
- Visualization, Exporting, and More (2.10)
- Recommendation Engine (2.9)
- Finding Intrusion Evidence in the Same Folder (2.7)
- Collect Faster by Collecting Less (2.6)
- It’s About Time(lines)! (2.3)
- More Changes To Make Your Response Faster (2.1)
- Reducing Response Time with Whitelisting (1.2).