by Brian Carrier | Jan 15, 2019 | Blog, New Features
With the latest 2.5.0 release of Cyber Triage, users get access to enterprise-grade malware scanning from ReversingLabs. This service provides more accurate scan results and is not typically available to incident responders, who tend to only need malware scanning a...
by Brian Carrier, Chris Ray | Nov 30, 2018 | Blog, New Features
Cyber Triage users now have another option when looking for Security Orchestration and Automation Response (SOAR) solutions because Demisto can now launch a Cyber Triage investigation. Orchestration solutions allow companies to have a faster and more efficient...
by Brian Carrier, Chris Ray | Nov 6, 2018 | Blog, New Features
Cyber Triage is an agentless incident response system, and one of the methods that we use to get data from a compromised endpoint is to send our collection tool out via PsExec. When we tell experienced incident responders this, the typical dialog is: Responder: So, are...
by Brian Carrier | Jul 27, 2018 | Blog, New Features
Using timestamps to determine what happened before or after an event is vital when investigating your endpoints. Timestamps allow you to see what programs were run or websites visited that may have been involved in a suspicious event. The latest Cyber Triage...
by Brian Carrier | May 4, 2018 | New Features
Sometimes the only evidence of an intrusion is in memory and not on disk. In these cases, memory forensics provides crucial evidence for your investigation. Cyber Triage now integrates with Volatility to parse memory images and display the results in the standard Cyber...
by Brian Carrier | Mar 19, 2018 | Blog
You can now use Yara signatures in Cyber Triage to search endpoints for new or advanced malware during incident response. Yara allows malware researchers to define binary patterns that can be easily shared. When you configure Cyber Triage with Yara rules, they will be...