BrazenCloud


Rapid Incident Response and Forensics for Any Workload

Example: Forensic Image Capture at Scale - Drop forensic images to a Designated Shared Directory


Incident Response Forensic Collection with BrazenCloud

  • Collect forensic artifacts and files for rapid incident response across remote systems, cloud workloads and containers at enterprise scale.

  • Best practices for Digital Forensics and Incident Response (DFIR) include collection of artifacts found on workloads to determine the nature of an incident or cyberattack.

  • BrazenCloud provides an automated, scalable Runbook and Forensic Collection that leverages the CDIR Collector from Cyber Defense Institute.

  • Investigators can select which files to collect and route the results to a single location, which simplifies evidence collection and gives examiners easy access.

  • With BrazenCloud and Brazen Agent, you can combine Forensic Collection, Rootkit Detection and Malware YARA Scanning in a single, easy-to-scale Runbook.


    Brazen Agent Operating Systems Supported

    • Windows

    • Linux


Combine DFIR, Malware Detection and Rootkit Detection with BrazenCloud Runbooks:

Combined Runbook with Forensic Image Capture, Malware Hunting YARA Rules and Rootkit Scanning.

BrazenCloud Agent Remediation Actions

Automated remediation is achieved through direct access to remote systems and remote execution on any workload or endpoint.

Your Security Orchestration, Automation, and Response (SOAR) platform may call for a specific remediation action, but SOAR systems often lack access to remote systems over complex hybrid networks.

API-to-API integration between your SOAR and BrazenCloud allows you to fully automate remediation actions on any workload and report back the success or failure of each action.

Leverage simple PowerShell or Python scripts for dynamic remediation actions:

  • List processes

  • Kill a process

  • Grab files

  • Delete Files

  • List network connections

  • Disable networking

  • Change or Update Registry Key

  • Grab memory images

  • Disable User Account

  • Install a patch

  • Reload software from a trusted source

  • Reconfigure a system

