Analytics Make User Account Investigations Easier

When investigating an endpoint you need to look at user activity in addition to malware and system change indicators. Cyber Triage now provides analytics about user login behavior and activity. This makes it easier for incident responders to determine if a user...

Cyber Triage Has a New Look

Cyber Triage 2.0 has been released with a new user interface and can be used for free (with a reduced feature set). The new UI allows you to make better decisions, and prevents missing evidence by automating the incident response triage workflow and giving more...

Finding Suspicious Program Activity

The 1.6.1 release of Cyber Triage added a new automated analysis technique to make the life of an incident responder easier and more efficient. The new technique focuses on the programs that were run on the target system. The motivation for analyzing these programs...

Automating Incident Response: Setting the Stage

Overview: Many companies want to improve their incident response capabilities and make them more efficient. Automation is often touted as a way to improve the response times, but what does automation (or orchestration) mean in DFIR? Can the entire process be...

Make Better Use of IDS Alerts for Incident Response

If your organization’s security posture is maturing beyond prevention and beginning to focus on detection, you may find yourself evaluating a host of new security technologies. Among the most attractive for many organizations are network intrusion detection systems...