Lightweight collection & reporting
Lite
Free
- Collects volatile and file system data
- Collects to USB Drive
- Analyzes memory images using Volatility
- Pivot through collected data to determine scope
- View timeline of threats to get context
- Generates HTML and CybOX reports
Automation & analytics
Standard
Request Quote
- All of the Lite features, plus…
- Collects over the network
- Automatically analyzes data to identify suspicious items
- Detect malware using ReversingLabs and Polyswarm
- Analyzes files using Yara rules
- Hides known good items with whitelists
- Flags IOC with blacklists
- Correlates with single user’s previous collection to determine how common item is
- Groups hosts by incident for better reporting and correlation
- Produces JSON report that can be imported into SIEMs
Collaboration, integration, & orchestration
Team
Request Quote
- All of the Standard features, plus…
- Collects from many hosts simultaneously
- Integrates with SIEMs and orchestration tools using REST API
- Stores data in a multi-user database
- Correlates with all user’s previous collections to determine how common item is
Cyber Triage Is Licensed By The Investigator
Because Cyber Triage does not install agents on each endpoint, we are not licensed based on the number of endpoints. Instead, we license based on the number of IT or security team members using the software. We grow with the security maturity of your organization.
If you are just starting out, then you may need only a single Standard license. As your team gets larger, you can add Standard licenses and grow into the collaborative Team version.