THE CYBER TRIAGE BLOG

Learn investigation tips from Brian Carrier and the Sleuth Kit Labs Team.

AI + DFIR Primer: Agents and Scalability

May 5, 2026

Recent Posts

Collecting Linux DFIR Artifacts with UAC

May 23, 2024

How Investigate with Cyber Triage and CrowdStrike Real Time Response

May 14, 2024

Adaptive vs Static File Collections for DFIR

May 8, 2024

3.10 adds Linux, Domain Controllers, and Fuzzy Malware Scanning for DFIR

May 1, 2024

How To Investigate Endpoints with Cyber Triage and Windows Defender

April 2, 2024

DFIR Next Steps: What to do after you find a suspicious Windows Network Logon Session

March 15, 2024

Windows Scheduled Tasks for DFIR Investigations

February 28, 2024

DFIR Next Steps: What To Do When You Find Mimikatz Was Run

January 24, 2024

3.9 introduces our first incident-level analysis features!

December 5, 2023

EDRs don’t collect all DFIR artifacts,
but they can help you do it

December 4, 2023

3.8 Release – Includes Autopsy Integration and Malware Scanning Boosts

August 31, 2023

Logon Session vs Local Session vs Cyber Triage Sessions. Oh My!

July 11, 2023