With the release of Binalyze AIR v1.8.0, we introduced network capture capabilities to the acquisition profiles so you can capture both Network Flow (TCP/UDP connections) and PCAP IP packet data directly within the AIR platform.
This upgrade brings significant advantages by further consolidating all your digital forensics activities into one collaborative platform that delivers automation to save you time, reduce your costs and increase efficiency.
Currently, there are a number of network capture tools for Windows, such as Wireshark, TCPdump, and PRTG Network Monitor, that enable the investigator to monitor activity across the network. There are also a number of hardware solutions.
With this release of AIR you are no longer required to make expensive CAPEX investments in these hardware appliances or search for external, standalone solutions as we provide this capability on the endpoint itself in a fully automated and remote way.
Incident Response and Compromise Assessment rely on agility and speed. Solutions that require your analysts to use multiple, fragmented solutions to acquire digital evidence, capture network traffic, and perform analysis and reporting will create delays and backlogs. These delays increase risk and elevate costs.
Learn how to use network capture in a totally different way:
- Capture network traffic of only relevant endpoints
- Trigger network capture by a SIEM, SOAR solution
- Find the root cause of the intrusion
- Single tool usage – you don’t need to use additional network capture tools on the endpoint
Join us live for an interactive workshop about the new network capture feature in AIR and learn its functionalities with our CEO Emre Tinaztepe, a cybersecurity veteran in DFIR with more than a decade of experience in the industry, as he shares a demo of the new network capture feature functionalities with his unique perspective on DFIR.
Date: 1st September 2021
Time: 4pm (BST)
Presenter: Emre Tınaztepe