What is AIR?

A brief introduction to Binalyze AIR


AIR is an "Automated Incident Response" platform that provides the most complete feature set for:

  • Remotely collecting 100+ evidence types in minutes,

  • Capturing the "Forensic State" of an endpoint as a well-organized HTML/JSON report,

  • Performing triage on thousands of endpoints using YARA,

  • Integrating with SIEM/SOAR/EDR products for automating the response phase of IR,

  • Enriching alerts for eliminating false positives,

  • Investigating precursors generated by other security products.

     
