Collect Faster by Collecting Less

With its agentless approach, the latest Cyber Triage release gives users more control over what endpoint forensic artifacts are collected. This enables faster data collection and faster decision making. The 2.6 release has several other updates, including: Upgraded and...

It’s About Time(lines)!

Using timestamps to determine what happened before or after an event is vital when investigating your endpoints. Timestamps allow you to see what programs were run or websites visited that may have been involved in a...

Using Volatility in Cyber Triage to Analyze Memory

Sometimes the only evidence of an intrusion is in memory and not on disk. In these cases, memory forensics provides crucial evidence for your investigation. Cyber Triage now integrates with Volatility to parse memory images and display the results in the standard Cyber...

Integrate with Splunk for Faster Alert Triage

With the 2.1.10 Cyber Triage release, you can now integrate with Splunk. This allows you to remotely start collections about suspicious endpoints and bring the results back to Splunk for multi-source correlations and alert triage. This blog covers the basics of the...