Attention Cyber First Responders:

Fast, Easy-to-Use AND Inexpensive... Discover the Only Digital Forensics Tool You Need to Investigate an Intrusion!

Understand What Happened, Get Attackers Out Quickly & Start Taking Steps to Prevent Future Attacks

When a digital intrusion occurs, response speed is crucial. Every second that is wasted increases the chances that an intruder can access valuable data and inflict costly damage.

That’s why your choice of a forensics tool is so important. The wrong tools deliver lots of poor information and make it extremely difficult to locate an intruder.

In fact, with manual and/or inefficient IR tools, the investigation cycle can take hours or days, giving bad actors time to extensively harm your system and get away with private information!

You need a tool that is capable of delivering threat assessment with speed, accuracy, and simplicity while also making your investigations more efficient through such state-of-the-art features such as automated threat scoring and recommendations. That’s because…

Cyber-Attack Investigation Speed & Accuracy Are More Important Today Than Ever Before

The most recent statistics show that cyber attacks are on the rise and according to Microsoft each data breach costs an average company $3.8 million. Then there is this worrisome statistic: 60% of smaller companies are out of business within a year of a cyber attack.

In other words, it is extremely important that you are able to get to the bottom of an attack…FAST. Poor intrusion response can lead to greater damage and put your organization’s reputation at stake. Making matters worse, today’s cyber attackers are more sophisticated than ever before and the risk they pose is increasing seemingly by the day.

The likelihood of your company experiencing an intrusion today is high – and it’s only getting higher as hackers refine their techniques and develop new strategies.

In fact, your organization may have experienced a recent attack…or maybe you are concerned about experiencing one in the future…Either way we have some very good news for you!

Start Your Free Trial

We Are Creating a World Where Every Cyber First Responder Can Quickly Investigate Breaches & Minimize Damage

The very same Basis Technology developers who developed Autopsy and The Sleuth Kit have devoted their time, energy and talents into creating a solution to the current digital investigation crisis…

And that solution is now available!

Introducing Cyber Triage

Cyber Triage is capable of collecting artifacts from both live and dead systems to ensure clients get the specific data they need.

You can use this software to:

  • Collect the relevant artifacts from live running Windows systems and send results to a server, S3 bucket, or USB drive
  • Prioritize artifacts using a variety of scoring techniques and algorithms to identify those that are associated with an intrusion
  • Recommend additional artifacts based on what you, the user, tag
  • Collaborate with your team about your findings and share your result
  • Plus, you can use this tool to conduct on-premises or cloud forensics – that’s right, you can use Cyber Triage with AWS, GCP and Azure for cloud investigations.

Digital Forensics Tool Diagram Detailing How Cyber Triage Works

And we haven’t even mentioned yet one of the greatest things about this software:

It includes malware scanning services that when purchased separately can cost $80,000 per year or more!

Talk about powerful…and inexpensive…there is simply no more effective and efficient way to get to the root cause of an intrusion than with Cyber Triage.

You get the information you need thanks to all of these convenient features:

  • Malware scanning from 40+ engines
  • Yara to integrate cutting-edge rules
  • Heuristics that experienced responders look for, such as anomalous processes
  • Import IOC threat intelligence lists
  • And more.

We’ve Done All the Hard Work for You

For the past 20 years, Brian Carrier and his team at Basis Technology have dedicated themselves to arming cyber first responders with the tools they need to perform on the digital front lines.

Carrier was on the incident response team at @stake, developed The Sleuth Kit and Autopsy open source tools, and also authored the popular book, File System Forensic Analysis.

Now through revolutionary digital forensics and investigation software like Autopsy and Cyber Triage, he and those who work with him at Basis Technology are helping first responders go into battle equipped.

Basis Technology believes in making the jobs of those on the front lines easier by making software that is automated and easy to use.

The company understands that it can’t decrease first responders’ responsibilities, but it can make digital forensics as easy and effective as possible – and that is exactly what it is doing through hard work and innovation.

Experience the Cyber Triage Difference

If you are a SOC analyst, consultant, law enforcement officer or other user, Cyber Triage is the software you need to maximize the artifacts per second that you process so that you can get attackers out quickly.

And one of the best things about Cyber Triage is that it analyzes artifacts and assigns a score based on how likely they are to be from an intrusion.

This makes an investigation go faster because you can focus on the bad and suspicious items and ignore the thousands of irrelevant ones.

Plus, the software’s scoring methods are updated regularly based on attack trends and threat intelligence.

One more thing to keep in mind about Cyber Triage is that it simplifies investigations.

The software comes with malware scanning, so you won’t have to take all of the malware hash values and run them against a separate, often expensive, software tool.

There is also a full REST API to easily integrate Cyber Triage with existing systems. The REST API provides access to an entire database and crucial capabilities, such as automated scoring.

The bottom line is with Cyber Triage on your side you’ll ensure that investigations are comprehensive and that they are informed by the latest intelligence. Cyber Triage checks every relevant location for digital forensics and incident response (DFIR) evidence!

Investigate Faster & Get More Accurate Results With Cyber Triage

The key to getting attackers out is being able to quickly process lots of data from lots of hosts. This allows you to identify where they are and understand how they are doing what they are doing.

Cyber Triage allows you to maximize your artifacts per second so that your investigation achieves both speed and comprehensiveness.


Artifact scoring allows you to quickly focus on the small set of artifacts that are relevant. You won’t waste valuable time on “normal activity.”


Thousands of artifacts are collected to look for malware and account takeovers. The recommendation engine makes sure you know about related items.

At a time when your company is depending on you to be both fast and accurate, Cyber Triage gives you the capability to make sure your investigation is both of those things.

Don’t be surprised if you are elevated to “hero” status and held in high regard by everyone at the company for your ability to step up and find answers when confusion and uncertainty are running rampant.

Gain Peace of Mind That Attackers Can be Identified Quickly

Many cyber first responders spend their days not just worried about digital intrusions damaging business productivity, putting sensitive data at risk and ruining their organization’s reputation …

But also about not being able to quickly and correctly diagnose an intrusion, explain what happened, why it happened and make sure it doesn’t happen again.

With Cyber Triage, you gain peace of mind. You receive the tool you need to quickly gather and analyze data and determine the cause of an intrusion.

Imagine if every analyst on your team could work on crucial tasks while running a collection and then spend only 20-30 minutes on incident review…

Imagine if you could automate the collection process and score data automatically by threat level…

Imagine being totally confident that you had everything you need to conduct a thorough intrusion investigation and get the answers needed to protect your organization and help it move safely forward…

Cyber Triage turns all of these wishes into reality!

With Cyber Triage You Get


Faster Investigations


Malware Scanning Engines


Click Reporting

Cyber Triage is a point-and-click tool that enables every IR professional, regardless of experience, to quickly compose a data-driven story about an incident.

Look at Some of the Many Ways You Can Benefit from This Software

Collect Comprehensive Evidence

Cyber Triage’s collection tool focuses on the artifacts needed for intrusion investigations. It saves time by making copies of only the important data from the live system, disk image, or memory image. Plus, it is regularly updated based on attack trends and can be deployed from the Cyber Triage server, EDR, or USB.

Score Artifacts to Detect Threats

Cyber Triage analyzes the artifacts and assigns a score based on how likely they are to be from an intrusion. This makes the investigation faster because you can focus on the bad and suspicious items and ignore the thousands of irrelevant ones. The scoring methods are updated regularly based on attack trends and threat intelligence. It includes coverage from 40+ malware scanning engines.

Recommend Additional Artifacts

As you dig deeper to identify root cause, Cyber Triage will recommend related artifacts. For example, calling out that a network connection came from a process that had a triggered task. Cyber Triage helps you get to the root cause with a timeline of the system, a view of the folder structure, and the ability to pivot between artifact types.

Collaborate Within the Team

Collaboration and integration are critical to fast responses. During the investigation, Cyber Triage allows multiple investigators to work on the same incident and pull in data from past cases to determine relevance. At the end, you can generate a report to distribute. At any time, Cyber Triage can integrate with SIEM and SOAR systems to start collections or export results.

Conduct On-Premises or Cloud Investigations

Cyber Triage gives you everything you need to excel at investigations conducted on site or in the cloud – including on AWS, GCP and Azure.

Ready to Write Your Own Success Story? Get Cyber Triage Today!

Cyber Triage is available in three versions – simply choose the one that is right for your business:


Starting at


per year

Automated Collection & Analysis

All Lite features plus:

  • Collects over the network
  • Automated malware and suspicious item analysis
  • Correlates with single user’s previous collection to determine how common item is.

Standard Pro

Multiple Hosts per Week

All Standard features plus:

  • Increased daily malware scan limits
  • Ability to queue up batches of collected data for processing
  • 1-month term licenses available

Collaboration & Integration

All Standard features plus:

  • Collect and analyze multiple hosts at the same time
  • Collaborate on the same incident at the same time
  • REST API to integrate with orchestration systems

Feature Breakdown

Act Now to Get Cyber Triage for a Fraction of What it is Really Worth

As we said earlier, Cyber Triage contains malware scanning services that when purchased separately can cost $80,000 per year or more!

But if you act now you can get this powerful software for a small fraction of that amount.

The scanning power alone makes this a tremendous deal but Cyber Triage also comes with much more:

  • This software can be used for deep forensic collection and automated for intrusions. It can be used even where agents can’t be installed.
  • It is designed to work after an incident and doesn’t assume it was installed before an incident.
  • Cyber Triage also works on disk images, which is what consultants and law enforcement often must deal with.
  • Also, the software’s UI, workflow, and reporting are designed for an investigation. It doesn’t just deliver a dashboard of the enterprise.
  • Plus, Cyber Triage allows for easy correlation and integration.

One of Cyber Triage’s biggest benefits is that with most IR solutions, every added client, endpoint, project, or incident increases costs. However, Cyber Triage offers a “one too many” and “many to one” licensing model.

That means one analyst can run a dozen collections and a dozen analysts can work off a single incident, all concurrently. You shouldn’t have to restructure your incident response stack to scale, and with Cyber Triage you don’t have to!

Start Your 7 Day Free Trial Now

Ensure Your Company has the Ultimate Digital Forensics Tool

Poor intrusion response can lead to further damage and put a professional’s or organization’s reputation at stake.

Cyber Triage has created the world’s best cyber first response investigation toolkit that features unique solutions to the specific challenges digital investigators face.

Try For Free

Save Time & Money With Cyber Triage

By utilizing the Cyber Triage software, first responders can keep their response times low, which helps organizations:

  • Save money: cutting the cost per incident
  • Reduce risk: less time for bad guys to do damage
  • Get complete evidence: less time for bad guys to cover their tracks.

Act Now to Get Cyber Triage for

Standard Version

Just $2,500 per user

Click here to get started

Team Version

Contact us for a quote

Click here to get started

Remember, Cyber Triage includes 40+ malware scanning services that when purchased separately can cost $80,000 per year or more!

With Cyber Triage you can:

  • See exactly what happened before and after a given event
  • See what other files are stored alongside malware and other suspicious files
  • Easily pivot data types to learn about related artifacts, such as a network connection associated with a file.

And one of the best things about Cyber Triage is that it analyzes artifacts and assigns a score based on how likely they are to be from an intrusion.

This makes an investigation go faster because you can focus on the bad and suspicious items and ignore the thousands of irrelevant ones. Plus, as we said earlier, the scoring methods are updated regularly based on attack trends and threat intelligence.

Conduct Thorough Intrusion Investigations While Saving Time & Money With Cyber Triage

There’s no faster, easier or less expensive way to get to the root cause of an intrusion.

Choose the version that is right for you!

Start My Free Trial Now

Be Ready to Act Fast When an Intrusion Occurs!

The fact that bad actors are constantly evolving and launching more complicated attacks makes conducting a proper investigation difficult.

Cyber Triage is an up-to-date solution you can use to conduct fast, detailed investigations.

To get Cyber Triage for your organization click the button below.


Faster Investigations

Get the Tool You Need to Best do Your Job!

In the minds of most people, first responders are firefighters, police officers, or armed forces. They’re the ones running towards burning buildings, bank robberies, and battlefields.

But the digital age has created new kinds of criminals, crime scenes, and evidence. It has first responders, too.

To ensure you are ready to get to the bottom of a digital attack when it happens, you need Cyber Triage. It automates the collection process and scores data automatically by threat level.

You can count on this software to speed up the investigation cycle so analysts can do what they do best: make decisions and remediate threats.

Start My Risk Free Trial Now