by Brian Carrier | Mar 19, 2018 | Blog
You can now use Yara signatures in Cyber Triage to search endpoints for new or advanced malware during incident response. Yara allows malware researchers to define binary patterns that can be easily shared. When you configure Cyber Triage with Yara rules, they will be...
by Brian Carrier | Feb 5, 2018 | Blog, New Features
With the 2.1.10 Cyber Triage release, you can now integrate with Splunk. This allows you to remotely start collections about suspicious endpoints and bring the results back to Splunk for multi-source correlations and alert triage. This blog covers the basics of the...
by Brian Carrier | Dec 14, 2017 | Blog, New Features
The Cyber Triage team likes to build stuff around themes and one of our current themes is about integrations. It has been a growing feature request. This blog post talks about our recent Phantom integration. Next time, we’ll talk about Splunk. The Phantom integration...
by Brian Carrier | Oct 30, 2017 | Blog, New Features
Time is critical during incident response. Every minute you have an attacker roaming around your network can compromise valuable information and do irreparable damage to your systems. The latest Cyber Triage release saves your time by presenting information more...
by Brian Carrier | Aug 18, 2017 | Blog
When investigating an endpoint you need to look at user activity in addition to malware and system change indicators. Cyber Triage now provides analytics about user login behavior and activity. This makes it easier for incident responders to determine if a user...
by Brian Carrier | Jun 4, 2017 | Blog
In the 2nd post in our Intro to IR Triage series, we’re going to take a big picture view. I want to give you the roadmap of how we are going to approach this series before diving into the technical details. In the last post, we talked about the goal of triage and...
