logo-air-binalyze-white1-click Investigation Timelines

Create comprehensive investigation event timelines with a single click and in just a few minutes.


Add new endpoints 

Easily add additional endpoints/off-network endpoints to your timeline as your investigation progresses and lateral movement is identified.

investigation event timelines

Enrich with milestones

Add anecdotal evidence obtained during the investigation process i.e. HR intelligence, timings of real-world events, etc.

add milestones to your investigation timeline

Import CSV files

Use AIR’s 4-step, format-agnostic CSV importer to enrich your timeline with mapped data from Cloud systems, firewall logs, and much more.

The CSV import feature gives you the possibility to upload your own CSV file and start analyzing the uploaded data on your AIR Timeline. These CSV files can be collected from your cloud platform, firewall logs, or anywhere else. The source doesn’t play any role here. The important thing is that you can upload and start analyzing CSV files quickly and in a simple, collaborative way.

Learn more

CSV import feature event timelines

Event Flagging

Flag events of interest with a severity scale and collect flagged events for streamlined management reporting. Flagged events will appear in the timeline section as well as in the right part of the dashboard where you can see a full list of flagged events for easier reporting and analysis. 


CleanShot 2021-11-09 at 12.17.08

Send to timeline

You can send acquisition files directly from the AIR console to your event timeline by using the "send to timeline" option. 

CleanShot 2021-11-09 at 12.28.26