Free version with no analytics


  • Collects volatile and file system data
  • Collects to USB Drive
  • Pivot through collected data to determine scope
  • View timeline of threats to get context
  • Generates HTML and CybOX reports


For small teams who need automation

Email us at for pricing

  • Collects over the network
  • Automatically analyzes to identify suspicious items
  • Analyzes executables for malware
  • Hides known good items with whitelists
  • Flags IOC with blacklists
  • Correlates with single user’s previous collection to determine how common item is
  • Groups hosts by incident for better reporting and correlation
  • All of the Lite features


For teams that need collaboration and integration

Email us at for pricing

  • Collects from many hosts simultaneously
  • Integrates with SIEMs using REST API
  • Stores data in a multi-user database
  • Correlates with all user’s previous collections to determine how common item is
  • All of the Standard features

Cyber Triage Is Licensed By The Investigator

Because Cyber Triage does not install agents on each endpoint, we are not licensed based on the number of endpoints.  Instead, we license based on the number of IT or security team members using the software.  We grow with the security maturity of your organization.

If you are just starting out, then you may need only a single Standard license.  As your team gets larger, you can add Standard licenses and grow into the collaborative Team version.