Get Your Cyber Triage Quote

Standard

Starting at

$2,500/user

Per Year

Automated Collection & Analysis

All Lite features plus:

  • Collects over the network
  • Automated malware and suspicious item analysis
  • Correlates with a single user’s previous collections to determine how common an item is

Standard Pro

Multiple Hosts per Week

All Standard features plus:

  • Increased daily malware scan limits
  • Ability to queue up batches of collected data for processing
  • 1-month term licenses available

Collaboration & Integration

All Standard features plus:

  • Collect and analyze multiple hosts at the same time
  • Collaborate and work on the same incident at the same time
  • REST API to integrate with orchestration systems

Feature Breakdown

Standard
Standard Pro
Team
Collects volatile and file system data
Collects to USB Drive
Analyzes memory images using Volatility
Pivot through collected data to determine scope
View timeline of threats to get context
Generates HTML and CybOX reports
Collects over the network
Automatically analyzes data to identify suspicious items
Detect malware using ReversingLabs
Analyzes files using Yara rules
Hides known good items with allowlists
Flags IOCs with denylists
Correlates with a single user’s previous collections to determine how common an item is
Groups hosts by incident for better reporting and correlation
Produces JSON report that can be imported into SIEMs
Custom report branding
Collect to and from USB
Collect over the network
Collect to S3
Malware scanning limits: 5000/week (Standard), 4000/day (Standard Pro), 4000/day (Team)
Queue up multiple collections
Collaborate and share data amongst the team
Integrate with orchestration system
Scoring and Recommendations
Collects from many hosts simultaneously
Queue lists of hosts for scanning
Integrates with SIEMs and orchestration tools using REST API
Stores data in a multi-user database
Correlates with all users’ previous collections to determine how common an item is
Collects and analyzes multiple hosts at the same time
Correlates artifacts with past cases the team has worked
Analysts can collaborate and work on the same incident at the same time
Higher performance via PostgreSQL server
Synchronize threat intelligence lists across all clients
Headless ingest
Run as a Windows service
Higher malware scanning limits (refreshed daily instead of weekly)
Free team server key