# What is DRONE?

DRONE is AIR's automated compromise assessment feature, providing a powerful decision support system to accelerate security investigations. It automatically analyzes collected evidence and live assets using a library of always-up-to-date analyzers maintained by the Binalyze threat hunting team.

DRONE can be executed in two modes of operation:

* **Responder-side (Assets)**: Analysis takes place via the Responder on the asset as part of an evidence collection or threat hunt.
* **Server-side (Console)**: Previously collected evidence is analyzed or reanalyzed directly on the AIR database server, without any requirement to reconnect to the original asset. Learn more in [Server-side DRONE Analysis](https://kb.binalyze.com/air/features/drone/server-side-drone-analysis).

By automatically classifying findings as High, Medium, Low, or Matched, DRONE pinpoints anomalies and potential indicators of compromise, dramatically reducing investigation time and effort.

Read more about DRONE, AIR’s built-in automated compromise assessment technology here: [**Automated Compromise Assessment with DRONE**](https://www.binalyze.com/blog/dfir-lab/automated-compromise-assessment-with-drone)