Sleuth Kit Labs

Cyber Triage 3.12 is out now!! With each release, our goal remains to aid cybersecurity professionals to quickly answer intrusion questions related to malware, ransomware, and account takeover. In 3.12, we introduce new features with the focus of making your response even faster! The new key features of 3.12 include: - Data Exfiltration Detection - USB Storage Identification - Server-side Disk Image Processing - Easier Artifact Validation Join Brian Carrier and Michael Wilkinson for a webinar on October 9th at 1PM Eastern to see these features in action! Webinar SignUp: https://lnkd.in/e5WtH_rS Read more here: https://lnkd.in/e2ZUaHye #DFIR #CyberTriage #SleuthKitLabs #Cybersecurity

Join us next week for a webinar on Fuzzy Malware Matching. ? Attackers complicate #DFIR by using unique executables, which make both scoping and detection harder. Attend this webinar to know how to find the unique variations so that your responses are faster.? ? In this 30-minute webinar on Tue July 23 at 1PM Eastern , we’ll look at: * Several fuzzy matching algorithms, such as ImpHash, ssdeep, and TLSH.? * Pros and cons of them * Which can be used in DFIR This webinar is intended for both incident responders and SOC managers who want an understanding of what is possible and what to expect in terms of finding malware variations.? https://lnkd.in/gWmvSBms

Cyber Triage 3.11 is out now!! Access More with this recent release including BitLocker, new File Explorer, and Export All Files! The main theme is ‘more access’ with a special focus on disk images. Cyber Triage can import data from both live systems, other DFIR collectors, and full disk images (or virtual machines). This release has some long requested features to access more disk image data and to export more data. We’ll be hosting a webinar on July 10 at 1PM Eastern to see these features in action! Until then, our blog dives into some of the new key features, specifically: - Decrypting BitLocker - Ability to read all files from a disk image - Expanded file explorer view - Exporting all files Read more here: https://hubs.li/Q02DCfRz0 Webinar SignUp: https://hubs.li/Q02DC9ng0 #DFIR #CyberTriage #SleuthKitLabs #NewRelease #BitLocker

We learned some of our customers use Cyber Triage to look for remote access for ICAC investigations. We realized that was a great use case, so we are sharing knowledge on it. I have a talk at Techno Security & Digital Forensics Conference tomorrow, but a blog post is attached for those who are not here. We focus on three types of artifacts: * Malicious RATs * Commercial remote access software * Windows authentications from external IPs https://lnkd.in/e-i8ACiB

come visit Sleuth Kit Labs at #technosecurityeast. If you are a #cybertriage user come Brian Carrier, Austin Dyches or me for a free T-shirt!

We are excited to be attending the Techno Security & Digital Forensics Conference and Digital Forensics Conference this week in Wilmington, NC! Come stop by our table and chat with us throughout the event, and on Wednesday don't miss Sleuth Kit Labs CEO, Brian Carrier, as he gives his talk: Backdoor Forensics: Knowing Who Did Activity on a Device We look forward to seeing you there! Register now here: https://hubs.li/Q02zblWQ0 #DFIR #CyberTriage #SleuthKitLabs #DigitalForensics #IncidentResponse #TechnoSecurity

EDR Evasion and Incident Response: Why You Need to Collect More DFIR Artifacts Webinar - May 30th If a cyber attack happened today, would you be prepared? Investigating an attack that uses EDR evasion is challenging because you can’t rely on the EDR to have all the evidence as attackers often find ways of avoiding or delaying detection. We are excited to be hosting a 30-minute webinar from our CEO, Brian Carrier, about EDR evasion and how to investigate alerts. We will provide an overview on evasion techniques, different kinds of DFIR collection tools and their integration with your EDR, and how to quickly deploy them after an alert. Join us on May 30th at 1PM EST to learn more and be prepared when an attack happens! Register here: https://hubs.li/Q02xtMkn0 #DFIR #CyberSecurity #IncidentResponse #CyberTriage #EDR #Automation #Security #Webinar

We are thrilled to announce our new partnership with Vendetta Cyber Defense! With each partnership, we have three goals: - Integrate our automated digital forensics software, Cyber Triage, into your environment and help you tune it. - Ready your team, with training, simulations and test datasets. - Support you with our deep DFIR expertise. If you come across uncommon artifacts, previously unseen tools, techniques or procedures, we’ll join you to figure it out. We look forward to working with Vendetta and other response teams to make sure every incident responder and digital forensics investigator can quickly resolve threats and defend their people and businesses. Read more about this partnership and our mission here: https://lnkd.in/etM_Tr9f

Sleuth Kit Labs joined an impressive crowd of cybersecurity professionals at Fayetteville Technical Community College yesterday as part of the National Cyber Workforce & Education Strategy Roadshow. Our very own Lee Sult had an opportunity to attend and met with the National Cyber Director Harry Coker Jr., sharing information and working towards building a stronger workforce in our industry. #DIFR #Cyber