Lightweight collection & reporting



  • Collects volatile and file system data
  • Collects to USB Drive
  • Analyzes memory images using Volatility
  • Pivot through collected data to determine scope
  • View timeline of threats to get context
  • Generates HTML and CybOX reports


Automation & analytics


Starting at $1,999

  • All of the Lite features, plus…
  • Collects over the network
  • Automatically analyzes data to identify suspicious items
  • Detects malware using ReversingLabs
  • Analyzes files using Yara rules
  • Hides known good items with allowlists
  • Flags IOCs with denylists
  • Correlates with a single user’s previous collections to determine how common an item is
  • Groups hosts by incident for better reporting and correlation
  • Produces a JSON report that can be imported into SIEMs

Collaboration, integration, & orchestration


  • All of the Standard features, plus…
  • Collects from many hosts simultaneously
  • Integrates with SIEMs and orchestration tools using REST API
  • Stores data in a multi-user database
  • Correlates with all users’ previous collections to determine how common an item is

Cyber Triage Is Licensed By The Investigator

Because Cyber Triage does not install agents on each endpoint, we are not licensed based on the number of endpoints. Instead, we license based on the number of IT or security team members using the software. We grow with the security maturity of your organization.

If you are just starting out, then you may need only a single Standard license. As your team gets larger, you can add Standard licenses and grow into the collaborative Team version.