Binalyze Launches Magellan to Bring Investigative e-Discovery to the SOC

New capability enables security teams to proactively search file contents across endpoints, whilst also enabling faster, more accurate investigation and response

London, UK – March 26th, 2026 : Binalyze, the cybersecurity company delivering AIR, Automated Investigation and Response, today announced the launch of Magellan, a new capability that brings ‘e-discovery’ of file contents directly into the Security Operations Center (SOC) to help close the ‘content blind spot’ for organizations.

Despite years of investment in detection technologies such as EDR, XDR, and SIEM, most SOCs investigate incidents without direct visibility into file contents. This reliance on metadata such as filenames, hashes, and access logs blinds investigators to crucial context such as what actual data was involved; how it was misused; and what the potential consequences are.

Magellan introduces investigative e-discovery capabilities at the endpoint, allowing teams to go beyond detecting suspicious activity to determine the true potential impact of an incident without affecting the speed of an investigation. In contrast to legacy e-discovery solutions, Magellan removes the need to centrally index and create copies of data that already exists. This enables security teams to search and examine the contents of files across endpoints and hybrid environments in real-time. This results in a clear understanding of what’s in a file, where it’s stored, who has access, and whether it’s being used appropriately.

Embedded within the Binalyze AIR platform, Magellan enables distributed full-text search directly on the device where the data resides. By removing the need to export files or wait for centralized indexing, security teams can quickly examine file contents across large environments, giving a full picture of the extent of a breach and what data is at risk. Moreover, it also helps security teams to proactively spot issues before breaches occur, especially when confidential files are being accessed by users whom wouldn’t usually have authorization to access them.

“When triaging and responding to a potential incident, context is everything,” said Emre Tinaztepe, Founder and CEO of Binalyze. “Detection tools are excellent at telling teams that something suspicious happened. What they rarely show is what data was actually involved. By bringing e-discovery-like capabilities directly into the investigation workflow, Magellan allows analysts to search inside files and quickly understand what information may have been exposed or misused.”

Closing the Visibility Gap in Cyber Investigations

Magellan addresses a broader shift in cybersecurity priorities. As attacks become more complex and regulatory expectations increase, organizations need deeper investigative capabilities to understand exactly what happened during an incident.

Yet these organizations also have to deal with rapidly growing data volumes across their endpoints – from both cloud services, and remote environments – alongside rising insider threats and accidental data exposure. Security teams can easily study indirect indicators such as metadata or access logs, but deeper inspection requires involvement from forensic specialists, IT teams, or legal workflows. These delays can extend investigations and increase uncertainty around the scope of an incident.

Magellan gives security teams the capability to search across their entire infrastructure; investigate insider threats and data exposure directly at the source; and provide evidence-based answers to key stakeholders and regulators.

“Security teams do not need more alerts and new dashboards telling them they ‘might’ have something they need to deal with,” continued Tinaztepe. “What they need is clarity about what data is involved. By bringing e-discovery directly into the investigation process, Magellan gives analysts the confidence to answer even the most granular and complex questions about data. Most importantly, by seeing the content behind the signals, investigators can address the critical fact of any incident: what actually happened?”

Availability

Magellan is available immediately as a new module within the Binalyze AIR platform.

About Binalyze

Binalyze is the global leader in Automated Investigation and Response. AIR connects with your existing security stack to automate evidence collection and deliver the context your team needs to investigate faster and act with confidence. By turning alerts into insight and signal into clarity, Binalyze empowers security teams to stay ahead of both proactive and reactive threats.

AIR automates the collection and analysis of evidence data across endpoints, cloud, and hybrid environments, enabling faster, conclusive investigations and continuous readiness. Recognized by Gartner in the Cloud Investigation and Response Automation (CIRA) category, Binalyze is trusted by enterprises, MSSPs, and incident response teams worldwide.

Media Contact:
Marie Wilcox, VP Marketing
marie.wilcox@binalyze.com
www.binalyze.com