Cyber Triage Has a New Look

Cyber Triage 2.0 has been released with a new user interface and can be used for free (with a reduced feature set). The new UI allows you to make better decisions, and prevents missing evidence by automating the incident response triage workflow and giving more...

Exposing More Data to Save Time

The new Cyber Triage release allows you to better understand the impact of a threat.  Now, you can automatically see what registry keys reference a file with malware, what processes are using the file, and remote hosts with active connections to those processes.  ...

Finding Suspicious Program Activity

The 1.6.1 release of Cyber Triage added a new automated analysis technique to make the life of an incident responder easier and more efficient.  The new technique focuses on the programs that were run on the target system. The motivation for analyzing these programs...
Tailoring the Triage Process for Better Results

Tailoring the Triage Process for Better Results

An incident first response is only as good as the time a responder can save. While automation can help scale the prioritization of many endpoints, as we wrote in our last blog post, it’s also important to be able to correlate all those results together. In a dynamic...
Prioritizing Endpoints Helps to Focus Incident Response

Prioritizing Endpoints Helps to Focus Incident Response

As part of a responding flyaway team, it’s probably common for you to arrive at your client’s offices, only to be pointed to a set of boxes to start analyzing. The client may tell you that they did some of their own digging around and identified the computers for you...