by Brian Carrier | Jul 27, 2018 | Blog, New Features
Using timestamps to determine what happened before or after an event is vital when investigating your endpoints. Timestamps allow you to see what programs were run or websites visited that may have been involved in a suspicious event. The latest Cyber Triage 2.3.0...
by Brian Carrier | May 4, 2018 | New Features
Sometimes the only evidence on an intrusion is in memory and not on disk. In these cases, memory forensics provides crucial evidence to your investigation. Cyber Triage now integrates with Volatility to parse memory images and display the results in the standard Cyber...
by Brian Carrier | Mar 19, 2018 | Blog
You can now use Yara signatures in Cyber Triage to search endpoints for new or advanced malware during incident response. Yara allows malware researchers to define binary patterns that can be easily shared. When you configure Cyber Triage with Yara rules, they will be...
by Brian Carrier | Feb 5, 2018 | Blog, New Features
With the 2.1.10 Cyber Triage release, you can now integrate with Splunk. This allows you to remotely start collections about suspicious endpoints and bring the results back to Splunk for multi-source correlations and alert triage. This blog covers the basics of the...
by Brian Carrier | Dec 14, 2017 | Blog, New Features
The Cyber Triage team likes to build stuff around themes and one of our current themes is about integrations. It has been a growing feature request. This blog post talks about our recent Phantom integration. Next time, we’ll talk about Splunk. The Phantom integration...
by Brian Carrier | Oct 30, 2017 | Blog, New Features
Time is critical during incident response. Every minute you have an attacker roaming around your network can compromise valuable information and do irreparable damage to your systems. The latest Cyber Triage release saves your time by presenting information more...
