Cyber Triage's Avatar

Cyber Triage

@cybertriage.bsky.social

Digital Forensics and incident response software for endpoint investigation. Built by @sleuthkitlabs and Brian Carrier (@carrier4n6).

91 Followers  |  36 Following  |  1 Posts  |  Joined: 14.11.2024  |  1.4458

Latest posts by cybertriage.bsky.social on Bluesky

Preview
3 Ways to Make Digital Investigations Faster with Automation Everyone β€” except for some consultants paid by the hour β€” wants to skip the tedious work associated with digital investigation. The good news is there are

Adding automation to your #DFIR investigations means you have less decisions to make. Get rid of the tedious work! Focus on the fun stuff!

Here are my three thoughts on the most effective ways to add automation and which tools do them.

What are yours?

www.cybertriage.com/blog/3-ways-...

05.08.2025 15:29 β€” πŸ‘ 4    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0

New Cyber Triage release with:
* New UIs to give you an overview of the endpoint
* Hyabusa integration
* Baseline
* Public key encryption on collector
* LOTS more....

Blog and Download Link: www.cybertriage.com/blog/3-14-re...

06.05.2025 14:39 β€” πŸ‘ 5    πŸ” 4    πŸ’¬ 0    πŸ“Œ 0

EDRs miss activity! 😲😱.
You should not miss webinar tmrw! πŸ˜€

Markus and I will talk about why EDR alerts could be days after an attack started.

We'll talk about how to do endpoint triage to see what else happened beyond the alert!

Mar 27 @ 11 Eastern

register.gotowebinar.com/register/916...

26.03.2025 14:55 β€” πŸ‘ 3    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Preview
Alert Triage vs Endpoint Triage: What SOCs Need to Know As we talk to corporate security teams about how they respond to incidents and EDR alerts, we find it useful to highlight the Endpoint Triage step in

For those in the #SOC: Alert Triage vs Endpoint Triage

Blog post that is part of our Endpoint Triage series.

Alert triage focuses on validating and prioritizing the EDR/SIEM alert.

Endpoint triage focuses on prioritizing the host. How bad is it?

www.cybertriage.com/blog/alert-t...

21.03.2025 13:38 β€” πŸ‘ 4    πŸ” 4    πŸ’¬ 0    πŸ“Œ 0

I'm doing a webinar TMRW on investigation tools for endpoint triage. Basic idea is how to get quick and accurate results after an alert. EDR data plays a role in that, but it's not enough.

Endpoint Triage should be in any security team's process.

attendee.gotowebinar.com/register/281...

25.02.2025 15:30 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Post image

3 places to automate #DFIR Endpoint Triage. Which do you do?

11.02.2025 16:00 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Post image

The 3 themes we focus on for #DFIR endpoint triage. What are yours?

04.02.2025 21:47 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Post image 03.02.2025 18:48 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Post image 31.01.2025 14:23 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Post image

Endpoint Triage: What you do after you validate the EDR alert to understand the impact.

#DFIR Webinar Thu @ 11.

register.gotowebinar.com/register/142...

28.01.2025 16:14 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
3.13 Adds MemProcFS and Extends the S3 and Recorded Future Sandbox Integrations Our holiday gift this year is some frequently requested features that came out in the 3.13 release: MemProcFS to support Windows 10 and 11 images

Cyber Triage 3.13 is the holiday gift you’ve been waiting for:

Integrations that make you faster.

β†’ MemProcFS integration
β†’ Expanded S3 integration
β†’ Detailed sandbox report

Complete 3.13 release notes: www.cybertriage.com/blog/release...

19.12.2024 22:56 β€” πŸ‘ 10    πŸ” 4    πŸ’¬ 1    πŸ“Œ 0

@cybertriage is following 20 prominent accounts