Blog

DFIR Breakdown: Kerberoasting

Start Reading

Collecting Linux DFIR Artifacts with UAC

Start Reading

How To DFIR Investigate with Cyber Triage and CrowdStrike Real Time Response

Start Reading

Adaptive vs Static File Collections for DFIR

Start Reading

3.10 adds Linux, Domain Controllers, and Fuzzy Malware Scanning for DFIR

Start Reading

How To Investigate Endpoints with Cyber Triage and Windows Defender

Start Reading

DFIR Next Steps: What to do after you find a suspicious Windows Network Logon Session

Start Reading

Windows Scheduled Tasks for DFIR Investigations

Start Reading

DFIR Next Steps: What To Do When You Find Mimikatz Was Run

Start Reading

3.9 introduces our first incident-level analysis features!

Start Reading

EDRs don’t collect all DFIR artifacts,
but they can help you do it

Start Reading

3.8 Release – Includes Autopsy Integration and Malware Scanning Boosts

Start Reading