Fast & Affordable Forensics for Incident Response

Automated incident response software for fast, comprehensive, and easy intrusion investigations


Cyber Triage

 

Automation for the Cyber First Responder

 

Cyber Triage makes your response more efficient when you are working around the clock to get attackers out.

 

It has 4 core concepts to make you as fast and comprehensive as possible:

 

  • Collect the relevant artifacts from live running Windows systems and send results to a server, S3 bucket, or USB drive.
  • Prioritize the artifacts using a variety of scoring techniques and algorithms to identify those that are associated with an intrusion.
  • Recommend additional artifacts based on what the user tags.
  • Collaborate with your team about your findings and share your results.

 

Cyber Triage’s flexibility allows it to integrate with SIEM/SOAR systems, leverage cloud infrastructure, and be used by both internal SOCs and MSSPs.

 

Cyber Triage allows you to more efficiently find attackers and get them out.

 

Maximize Your Artifacts Per Second

 

The key to getting attackers out is being able to quickly process lots of data from lots of hosts. This allows you to identify where they are and how they persist.

 

Cyber Triage allows you to achieve both speed and comprehensiveness:

 

  • Speed: Artifact scoring allows you to quickly focus on the small set of artifacts that are relevant. Don’t waste your time on normal activity.
  • Comprehensive: Thousands of artifacts are collected to look for malware and account takeovers. The recommendation engine makes sure you know about related items.

 

Cyber Triage’s automation makes you as fast as possible. In the words of 13Cubed, “It’s almost to the point of point and click forensics.”

 

  • 10x Faster Investigations
  • 40+ Malware Scanning Engines
  • 1-Click Reporting

 

Collect Complete Evidence

 

Cyber Triage’s targeted collection approach saves time because it copies the most important data from the system in one step and does not require the user to make a forensic image of the entire drive.

 

Find Threats Fast

 

After collection, Cyber Triage automatically looks for data that is anomalous and similar to past incidents. Each collected item is assigned a score based on its risk. Bad and suspicious items are prioritized and shown to the user.

 

Dig Deeper

 

After reviewing the data, users can dig deeper for more context and get to root cause. Cyber Triage recommends related files, provides timelines to find other suspicious items, and makes it easy to pivot between artifacts.

 

Collaborate Easily

 

Everything works together with Cyber Triage. Multiple investigators can work on the same investigation at the same time. JSON or CSV reports are easy to generate and import into other systems. (It’s also simple to create beautiful HTML reports for management.) And, once the investigation is done, Cyber Triage uses the results to improve future analyses.