What is DRONE?

DRONE is AIR's automated compromise assessment feature, providing a powerful decision support system to accelerate digital forensic investigations. It automatically analyzes collected evidence using a library of always-up-to-date analyzers maintained by Binalyze's DFIR Lab.

DRONE can be run in two ways:

• Responder-side: Analysis takes place on the asset during evidence collection.

• Server-side (Console): Collected evidence is analyzed or reanalyzed directly on the AIR Console, without reconnecting to the original asset.

By automatically classifying findings as High, Medium, Low, or Matched, DRONE pinpoints anomalies and potential indicators of compromise, dramatically reducing investigation time and effort.

Read more about DRONE, AIR’s built-in automated compromise assessment technology here: Automated Compromise Assessment with DRONE