Cyber Triage Has a New Look

Cyber Triage 2.0 has been released with a new user interface and can be used for free (with a reduced feature set). The new UI allows you to make better decisions, and prevents missing evidence by automating the incident response triage workflow and giving more...

Finding Suspicious Program Activity

The 1.6.1 release of Cyber Triage added a new automated analysis technique to make the life of an incident responder easier and more efficient.  The new technique focuses on the programs that were run on the target system. The motivation for analyzing these programs...

Automating Incident Response: Setting the Stage

Overview: Many companies want to improve their incident response capabilities and make them more efficient. Automation is often touted as a way to improve the response times, but what does automation (or orchestration) mean in DFIR? Can the entire process be...

Make Better Use of IDS Alerts for Incident Response

If your organization’s security posture is maturing beyond prevention and beginning to focus on detection, you may find yourself evaluating a host of new security technologies. Among the most attractive for many organizations are network intrusion detection systems...

Can DIY Incident Response Scale?

If you’ve ever purchased a house or vehicle, you may also, as many people do, have gone to the local hardware store to buy a starter kit of tools. You might not have been sure how often you’d use the tools, but you wanted at least to be prepared for basic repairs so...