Q1. How have digital forensics practices evolved in recent years? What's driving the changes?
The speed, scale and sophistication of cyber threats are increasing exponentially. This trend is creating tremendous pressure on businesses to maintain security and resilience. They responded by investing in solutions to create an “impenetrable fortress” but, as we see on an almost daily basis, this is an unrealistic expectation – there will be a breach.
Acceptance of this fact is driving demand for DFIR solutions (Digital Forensics & Incident Response). But many of the existing ones were not designed to work at speed and scale. Consequently, we are seeing a new category develop for modern DFIR platforms that are fast, remote, scalable, integrated and automated. These disruptive platforms, like Binalyze AIR, have changed the nature of digital forensics so it is fit-for-purpose as a part of a live incident response investigation and can even be used proactively to build resilience.
Q2. Binalyze recently announced a strategic partnership with managed detection and response provider Binary Defense. How will that partnership benefit your customers? How does the partnership broaden Binalyze's capabilities in this market?
Our partnership with Binary Defense is extremely exciting, for both existing and potential customers. Through this partnership, Binary Defense will integrate Binalyze’s AIR, our state-of-the-art digital forensics and incident response platform, into its existing portfolio of services.
This will allow Binary Defense’s customers to benefit from the industry-leading features of AIR, including fast and accurate endpoint triage, efficient digital forensics investigation, and comprehensive incident response capabilities. By combining Binalyze’s innovative technology with Binary Defense’s expertise in MDR, incident response, digital risk protection, and threat hunting, the partnership will help organizations enhance their overall security posture and effectively respond to all DFIR security incidents with speed and scale.
This is one of many new partnerships we’ll be announcing throughout 2023.
Q3. What is Binalyze's main messaging at Black Hat Asia 2023? What do you want customers to take away from your organization's presence at the event?
Digital forensics used to be a reactive post-mortem activity. Binalyze’s AIR platform puts DFIR at the heart of your daily security practice, giving you a fully automated proactive capability that even integrates with other security products like SIEM, SOAR and EDR.
We’ve taken something that would normally take two days to complete—generating a detailed forensic report—and instead condensed it into an activity that takes just 10 minutes. Ten minutes for a fully automated remote collection of over 280+ evidence and artifact types, right back to the original endpoint's installation date.
Armed with a powerful foundation of digital forensic data, you can now:
Scale: AIR enables a team of three SOC analysts to deliver what currently takes a team of 10 to achieve, by automating forensic processes and driving false-positive elimination of EDR/XDR alerts.
Find: AIR can help uncover undetected breaches with automated comparisons of scheduled—for example weekly—snapshots of all critical assets, to see and assess what’s changed.
Contain: AIR can help complete end-to-end investigations, including containment and remediation, typically in under four hours.