Get Data When You Need It
Your response is fastest when your security platforms can communicate.
The Cyber Triage Server has a REST API that enables:
Quickly collect data based on an alert to:
- Save analyst time by having the results waiting for them
- Ensure data is preserved before the system goes offline
The Cyber Triage REST API allows an application to start collecting from a computer and specify what kinds of data to collect.
Siloed data is not efficient and Cyber Triage data can be integrated with a SOAR, XDR, or SIEM. This allows:
- Incident tickets to have Cyber Triage’s top scored items
- Threat intelligence to be updated based on Cyber Triage results
The Cyber Triage Team REST API allows applications to query for:
- Status of collections and hosts
- List of bad and suspicious items for each host
- Lists of items by type, such as all startup items or scheduled tasks
- HTML or JSON reports