What is AIR?
Automated Incident Response platform
AIR is an "Automated Incident Response" platform that provides the most complete feature set for:
- Remotely collecting 150+ evidence types in minutes,
- Capturing the "Forensic State" of an endpoint as a well-organized HTML/JSON report,
- Performing triage on thousands of endpoints using YARA,
- Integrating with SIEM/SOAR/EDR products to automate the response phase of IR,
- Enriching alerts to eliminate false positives,
- Investigating precursors generated by other security products.