Auto Asset Tagging
How to automatically tag your assets based on simple conditions.

Overview

Performing Digital Forensics at scale requires a proper classification of your assets.
Knowing how many web servers, domain controllers, or application servers you have highly decreases the response time while helping you focus on a group of devices on your network. This in turn increases the situational awareness in an investigation.

How it works

Auto Asset Tagging is a feature of Binalyze AIR that lets you automatically tag assets based on conditions such as:
  • Existence of a file or directory
  • Existence of a running process
You can easily AND/OR conditions and use environment variables as well.
This feature can be enabled from the Auto Asset Tagging section.
Once enabled, a newly deployed endpoint will be automatically assigned a task to query provided conditions, and based on the results, AIR will tag the endpoint using the Tag Name. If you want to re-run tagging on all endpoints, you can easily do this by clicking the "Run Now" button on the Auto Asset Tagging page.
There are a number of out-of-box supported asset tags such as IIS Server, Domain Controller, Mail Server, SQL Server but you can also create custom tags whenever you need them.
Last modified 1mo ago
Copy link