AIR is an "Automated Incident Response" platform that provides the most complete feature set for:
Remotely collecting 100+ evidence types in minutes,
Capturing the "Forensic State" of an endpoint as a well-organized HTML/JSON report,
Performing triage on thousands of endpoints using YARA,
Integrating with SIEM/SOAR/EDR products to automate the response phase of IR,
Enriching alerts to eliminate false positives,
Investigating precursors generated by other security products.