by Brian Carrier | Jul 27, 2018 | Blog, New Features
Using timestamps to determine what happened before or after an event is vital when investigating your endpoints. Timestamps allow you to see what programs were run or websites visited that may have been involved in a suspicious event. The latest Cyber Triage...
by Brian Carrier | May 4, 2018 | New Features
Sometimes the only evidence on an intrusion is in memory and not on disk. In these cases, memory forensics provides crucial evidence to your investigation. Cyber Triage now integrates with Volatility to parse memory images and display the results in the standard Cyber...
by Brian Carrier | Dec 14, 2017 | Blog, New Features
The Cyber Triage team likes to build stuff around themes and one of our current themes is about integrations. It has been a growing feature request. This blog post talks about our recent Phantom integration. Next time, we’ll talk about Splunk. The Phantom integration...
by Brian Carrier | Oct 30, 2017 | Blog, New Features
Time is critical during incident response. Every minute you have an attacker roaming around your network can compromise valuable information and do irreparable damage to your systems. The latest Cyber Triage release saves your time by presenting information more...
by Brian Carrier | Aug 18, 2017 | Blog
When investigating an endpoint you need to look at user activity in addition to malware and system change indicators. Cyber Triage now provides analytics about user login behavior and activity. This makes it easier for incident responders to determine if a user...
