Cyber Triage™ enables cyber first responders to quickly determine if a host is compromised. It’s agentless approach and focus on ease of use and automation allows you to respond without being a forensics expert. You can use it to investigate alerts from SIEMs and detection systems and decide to erase the machines or investigate deeper. Cyber Triage pushes its collection program to the remote system to acquire artifacts from memory, registry, event logs, and more. The artifacts are automatically analyzed for malware and traces of malicious activity. Results from previous collections are used to provide context about how common the artifacts are in the environment. The results can be used to scope an incident and identify other computers that are involved without needing to install agents throughout your enterprise.
↧