Use the results to quickly resolve the current investigation and make future ones more efficient.

Finish the investigation fast

  • Team version allows team members to collaborate on the same incident and share results
  • Generate HTML or JSON reports of each host or incident to share results and include in reports.

Make future work more efficient

  • Results are used to learn about how to prioritize items in future incidents
  • REST APIs allow other enterprise tools to query for artifacts and indicators.