Endpoint Isolation: A new feature of AIR that brings an investigation under your control

by

Currently in the DFIR world, when something suspicious is found during the investigation, it is mandatory to contact the firewall administrator or the relevant department to close the connections of the endpoint in order to prevent lateral movement to any other location or to prevent data leakage to the outside world.

Completing this isolation process takes time and can jeopardize your investigation.

How does Endpoint Isolation with Binalyze make this process a single click?

Binalyze AIR now contains the Endpoint Isolation feature that brings an investigation under the control of the Investigators / SOC Analyst teams by making it possible for them to disconnect any endpoint from the network immediately with one single click. In addition, since the communication with AIR continues, analysts can keep examining the isolated endpoint via the AIR Console. 

Start a free demo of Endpoint Isolation today.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Main advantages:

  1. AIR immediately isolates the machine from the network with a single click, a hard-to-find feature among digital forensic solutions. Normally firewalls or NAC devices are used for this purpose, with this feature Binalyze AIR shortens the process without contacting any other product or department.
  2. Isolated machines can be further examined by the DFIR investigators which lets them continue the investigation without any disturbance or interference.

How does Endpoint Isolation work?

  1. Open the endpoint dashboard on AIR and click on any connected endpoint. A sliding window will open and you will see the “Isolation” button in the upper right corner.
  1. Once you click on that button a warning pops up to check if you are sure about the isolation task, click “Yes” and you isolate the endpoint from the network. Now you can investigate the machine without any disruptions.

Presently, the Isolation feature is only available for Windows clients but in the coming releases, we will expand compatibility to other operating systems.

We will also be adding rules-based Endpoint Isolation to this feature in the coming weeks to remove the need for manual tasks and to integrate with any matches made during the Triage and Drone operations. 

Stay tuned for these updates as in 2 weeks we will be making another major feature release on the scale of 1.7.35 which you can read about here.

Make sure to follow us on Twitter to catch the latest updates from Binalyze.

Leave a Comment

Latest Videos

Forensic Focus

Forensic Focus
Ryan from Oxygen Forensics discusses how to use Oxygen's Android agent to collect Google Chrome data as a third party app on Android devices.

Ryan from Oxygen Forensics discusses how to use Oxygen's Android agent to collect Google Chrome data as a third party app on Android devices.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_gNyq_7llqLA

Extracting Google Chrome Using Android Agent

Forensic Focus 22nd September 2023 3:07 pm

Ryan from the Oxygen Forensic training team discusses a new feature found in Oxygen Forensic Maps.

Ryan from the Oxygen Forensic training team discusses a new feature found in Oxygen Forensic Maps.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_yk_EGG6mR3s

Using The Maps Activity Matrix In Oxygen Forensic® Detective

Forensic Focus 15th September 2023 5:47 pm

Si and Desi are joined by Professor Sarah Morris, Digital Forensics Academic and Practitioner, to talk about DFIR at Southampton University, and Sarah’s innovative approach to lecturing. They explore a range of topics, from electronic storage detection using robots, to strength-testing Faraday bags. They also venture into the realm of forensics in unexpected places, like unravelling mysteries hidden within a washing machine. Plus, Sarah offers a rare insider's perspective on the biometrics and forensics ethics group, an advisory non-departmental public body sponsored by the Home Office.

Si and Desi are joined by Professor Sarah Morris, Digital Forensics Academic and Practitioner, to talk about DFIR at Southampton University, and Sarah’s innovative approach to lecturing.

They explore a range of topics, from electronic storage detection using robots, to strength-testing Faraday bags. They also venture into the realm of forensics in unexpected places, like unravelling mysteries hidden within a washing machine.

Plus, Sarah offers a rare insider's perspective on the biometrics and forensics ethics group, an advisory non-departmental public body sponsored by the Home Office.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_4sB-6YAXRKE

Teaching Digital Forensics With Professor Sarah Morris

Forensic Focus 6th September 2023 2:29 pm

Load More... Subscribe
This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Digital Forensics Round-Up, September 21 2023
News

Digital Forensics Round-Up, September 21 2023

ByForensic FocusSep 21, 2023
How To Review Mobile Forensics Evidence With Mobile Device Investigator
Articles

How To Review Mobile Forensics Evidence With Mobile Device Investigator

ByadfsolutionsSep 20, 2023
UPCOMING WEBINAR – The State Of Digital Forensics And Incident Response 2023
News

UPCOMING WEBINAR – The State Of Digital Forensics And Incident Response 2023

ByBinalyzeSep 20, 2023
Using The Maps Activity Matrix In Oxygen Forensic® Detective
Articles

Using The Maps Activity Matrix In Oxygen Forensic® Detective

ByOxygenForensicsSep 19, 2023
New IDC Report: The State Of Digital Forensics And Incident Response 2023
News

New IDC Report: The State Of Digital Forensics And Incident Response 2023

ByBinalyzeSep 18, 2023
Andrew Carr, Director of Cybersecurity Graduate Programs, Utica University
Interviews

Andrew Carr, Director of Cybersecurity Graduate Programs, Utica University

ByForensic FocusSep 18, 2023