2 min read

Binalyze December 2021 Product Updates

Welcome to our monthly product updates roundup! Here’s a rundown of the new features and solutions we released in the past month that you can now take advantage of. 

AIR v2.2.1

In the past month we released a new version of AIR that includes the following new features:

  • Export key data to CSV

  • Out-of-the-box support for Elasticsearch Logstash Kibana (ELK) and Sumo Logic SIEM

  • Trigger an AIR acquisition from Slack and Mattermost

You can try for free now on www.binalyze.com/air.

Export key data to CSV

With the latest version of Binalyze AIR, you can export endpoints, case information, timelines, and audit logs to CSV.

How does it work? 

Click on the new export button and AIR will collect the data and start the download.

You can apply filters to export selected data. Exporting makes it easier to integrate AIR into your existing investigative workflows, reporting, and audit processes. 

 

Elastic Stack (ELK) and Sumo Logic 

Having Binalyze AIR integrated into your SIEM allows you to react in real-time by starting a forensic acquisition on the endpoint whenever there is a suspicious activity detected by the SIEM. By creating a simple rule, AIR acquires evidence and stores it in the chosen evidence repositories.

With this release, we incorporated Elastic Stack (ELK) and Sumo Logic integration out-of-box to make daily DFIR duties more manageable and efficient.

To learn more about AIR webhooks check this on this link.

Slack and Mattermost

You can now trigger an AIR acquisition directly from your favorite team collaboration app without having to go to the AIR console. AIR will automatically start the acquisition and once completed you can find the acquisition report in the AIR console. 

DRONE 2.0

In the past month we released a new version of DRONE that includes the following new features:

  • Diffing feature - this brand new mode makes it possible to compare a DRONE analysis to a baseline and list the differences between the two

  • Keyword & Hash Search -import keyword had hash lists from a file to automatically highlight matches in your search

Diffing feature

With the latest version of Binalyze DRONE, you can compare two Case(.ppc) files and highlight the differences between them.

How does it work? 

It compares the base (clean) image with the latest image taken and highlights all the changes for the analyst to review. It is supported in both CLI mode and Tower mode.

To learn more about the diffing feature go here.

Keyword & Hash Search

Binalyze DRONE already had a keyword search mechanism but with this feature, we further enhanced this module so you can now search for hash matches and even import lists from files.

To learn more about DRONE keyword & hash search check this article.

Which of these new updates and solutions will you be trying today? See you next month for more.

New call-to-action 

Join us at the virtual roundtable carried out by GLACY+ Project in cooperation with APWG.EU

We are living in an era, where the volume and sophistication of cyberattacks have increased as a result of overflowing data and increased attack...

Read More

Binalyze secures $10 million in Seed funding to develop its Real-time Enterprise Forensics platform

Binalyze enables enterprises to respond to cyber breaches in real-time which dramatically speeds up investigations and remediation; this funding will...

Read More

Binalyze and Netsmart join forces to deliver enterprise forensics in Turkey

Binalyze, the World’s leading provider of advanced Enterprise Forensics and Incident Response solutions, today announced it has partnered with...

Read More