Just as the flight recorder “black box” helps aviation investigators, the Cyber Black Box assists digital forensics investigators in piecing together the events leading up to a cyber incident.
A faster and more accurate resolution means better business outcomes – faster remediation, fewer repeat attacks, and even smoother cyber insurance claims.
Cyber Black Box™
Cyber Black Box™
What's in it for you ?
Now that hacking and ransomware are primary threat to business operations, everyone must prepare for the unexpected.
How is Cyber Black Box™ different ?
This is brand new technology, launched in December 2020, by Cortex Cyber.
"And because it's new, there's nothing else quite like it."
It requires no maintenance.
How does Cyber Black Box™ WORK ?
How can I get it ?
Cyber Black Box is included in our product suite:
Frequently Asked Questions
Because backups are the perfect place to put them!
When forensic investigators try to piece together a timeline of events, they need to see how system activities change over time. That means understanding historic activities, such as network connections, registry and disk activity and setup.
But by the time an investigator is called to deal with an incident, it’s already too late – the investigator might be able to get the current state of the machine, but not what happened in the past. Further, most likely the hacker has already wiped the evidence.
What investigators need the most is a historical record of key pieces of information – just like a black box flight recorder does on airplanes. Backups are designed to keep old versions of data, even if the current version is destroyed.
Recording and putting the information in the backups will:
- Enable easy retrieval of historic forensic information that goes back days, weeks and months
- Preserve the forensic information even if the current system is hacked into and disabled.
- Basic system and software version info
- Detailed system info via WMI (including storage, features, hotfixes, drivers)
- Disks and volumes – critical volumes, partitions information
- Network connections and activity – current connections, port listeners, routing table, network statistics
- Process list
- Volume Shadow Storage details – providers, snapshots, volumes, writers and writer states.
Simply, we’re the best. 🙂
But more seriously, our mission is to safeguard our clients’ future though cyber-resilience. That means solving your business problems, not just your technology problems.
If you get hacked and suffer losses, that’s a business problem. BackupAssist solves this in two ways:
- giving you system recovery options to get running again, and
- capturing forensic information to assist you when lodging a cyber insurance claim,
And of course, providing these features at a compelling price point.
The Cyber Black Box is another great example of how we’ve been at the forefront of backup and disaster recovery technology for the SME market.
BackupAssist Classic is sold under a modular pricing model, which means you can purchase exactly what’s right for you.
- Backup & Recovery only – purchase a BackupAssist Classic license.
- Backup & Recovery with Cyber-Resilience – simply add a BackupCare subscription on top of your license.
BackupCare provides you with ongoing cyber-resilience features such as Cyber Black Box and CryptoSafeGuard. As the cyber landscape is constantly changing, the BackupCare subscription enables you to stay up to date.