Cyber Triage is incident response software that automates the entire endpoint investigation cycle.

Collect complete evidence

Cyber Triage’s targeted collection approach saves time because it copies the most important data from the system in one step and does not require the user to make a forensic image of the entire drive.

Find threats fast

After collection, Cyber Triage automatically looks for data that is anomalous and similar to past incidents. Each collected item is assigned a score based on its risk. Bad and suspicious items are prioritized and shown to the user.

Dig deeper

After reviewing the data, users can dig deeper for more context and get to root cause. Cyber Triage recommends related files, provides timelines to find other suspicious items, and makes it easy to pivot between artifacts.

Collaborate easily

Everything works together with Cyber Triage. Multiple investigators can work on the same investigation at the same time. JSON or CSV reports are easy to generate and import into other systems. (It’s also simple to create beautiful HTML reports for management). And, once the investigation is done, Cyber Triage uses the results to improve future analyses.