Blog

Blog

Inbound Logon Artifact Deep Dive Series

May 24, 2023

Remote logons are important to investigate during any intrusion, but...

Blog

ResponderCon 2022 Ransomware Videos (Batch 4)

May 2, 2023

This is the fourth batch of ResponderCon 2022 videos! This...

Blog

Sandboxing Malicious Files: Recorded Future Triage Integration

April 18, 2023

Sandboxing is a critical DFIR capability because so many incidents...

Blog

ResponderCon 2022 Ransomware Videos (Batch 3)

March 27, 2023

This is the third batch of ResponderCon 2022 videos! This...

New Features

3.6 Release – Processes, OS Accounts, and Indicator Exports

February 20, 2023

There was a lot in this release (as you can...

Blog

Analyzing KAPE DFIR Artifacts in Cyber Triage

January 23, 2023

KAPE is a popular tool for collecting files from a...

Blog

ResponderCon 2022 Ransomware Videos (Batch 2)

December 16, 2022

The second batch of ResponderCon: Investigating Ransomware videos is out...

Blog

3.5 Release – Merging artifacts, viewing source files, and anomalous logons

November 21, 2022

Cyber Triage 3.5 is out and this blog covers a...

Blog

ResponderCon 2022 Ransomware Videos (Batch 1)

November 7, 2022

We held our first ResponderCon event back on Sept 13...

New Features

Cyber Triage 3.4: Logons, Hatching, and BITS

September 27, 2022

Cyber Triage version 3.4 is out and this blog post...

New Features

Cyber Triage 3.3.0: Data Accessed Artifacts, Malicious PDF & Import Logical Files

June 29, 2022

Cyber Triage version 3.3.0 introduces many new features to make...

Digital Forensics Tool Kit

Cyber Triage Lite – Identifying OS Configuration

June 3, 2022

In addition to account takeover and installing malware, attackers may...