Binalyze To Highlight The Importance Of Digital Forensics At Black Hat

Ahmet Oztoprak, Senior Director META, Binalyze, talks in detail about AIR platform, and the company intends to demonstrate the AIR 4.0 at Black Hat MEA in Riyadh. The company will highlight the new Investigation Hub feature that can help security professionals have proper forensic visibility at speed in the event of an incident.

Kindly provide an overview of your company’s expertise and experience in cybersecurity.
Binalyze is the developer of AIR, the world’s fastest, end-to-end Digital Forensics and Incident Response (DFIR) platform.

Binalyze AIR’s suite of capabilities includes remote evidence acquisition and automated, intelligence-driven evidence analyzers. Its core Triage, Timeline, and interACT remote shell features speed up investigation and remediation efforts. The AIR Investigation Hub sits at the heart of the platform to provide an integrated view of case-related evidence and insights to manage investigations seamlessly and consistently.

The company was established in 2018 and is headquartered in Tallinn, Estonia. Today, Binalyze boasts a global presence with offices in the UK, the US, and Singapore. We successfully concluded its Series A investment round in September 2023, raising $19 million led by Molten Ventures with participation from existing investors, Earlybird Digital East and OpenOcean, and new strategic investors Cisco Investments, Citi Ventures, and Deutsche Bank Corporate Venture Capital.

Why is it essential for Binalyze to participate at Black Hat?
Without hesitation, Black Hat provides a unique environment for networking and collaboration. We can connect with other cybersecurity professionals, potential customers, and partners. This exchange of ideas and experiences can lead to pertinent feedback, driving innovative solutions and new partnerships that benefit the entire industry.

When we talk to industry experts, SOC heroes, and DFIR pros, they always highlight one thing – It’s impossible to ensure an organization is 100% safe. This is where the vision behind Binalyze AIR comes into play: Always assume breach!

Regardless of the result of the incident, most cyber security professionals are actively shifting to that mindset, decreasing the risks and providing business continuity and cyber resiliency.

We recently conducted a survey with IDC, talking to more than 100+ SOC professionals in the Middle East. According to the “State of DFIR Middle East 2023 report”, SOCs are still struggling to have enough resources to handle the overflowing amount of alerts and the growing threat landscape.

We hope to meet with industry leaders during Black Hat MEA to discuss the report findings personally and understand the current landscape from their unique perspectives.

What specific types of cybersecurity solutions or services will you be showcasing at the exhibition?
We will showcase AIR, our cutting-edge DFIR solution. Binalyze AIR enables SOC professionals to collect digital forensic evidence from any asset on their network.

AIR was designed from the ground up to be platform agnostic, covering Linux, macOS, and Windows-based assets. AIR also covers the cloud, working both on-premise or hybrid. Users can easily collect and analyze more than 350+ different evidence types with just a few clicks in under 10 minutes.

Acquired evidence can be compressed and collated to save storage resources and encrypted at industry standards. Also, AIR’s unique features ensure that acquired evidence is timestamped, ensuring chain of custody and ransomware shielded to maintain forensic integrity.

Do you have any live demos or interactive displays at the exhibition that showcase your products?
Following our new AIR 4.0 release, we’ll demo our new Investigation Hub feature. Investigation Hub brings many new benefits, which we’ll walk visitors through. These can be summarized as:

  • Providing a consolidated and integrated view. Bringing relevant evidence, forensic findings, and essential capabilities together into a single pane of glass.
  • Intelligent evidence prioritization & decision support. Consolidation is excellent but isn’t a solution on its own. Without a means to prioritize and enrich the evidence, you may be creating an even noisier, overwhelming picture. Regularly updated, research-led automated IOC and anomaly scanning, scoring, and verdicts, alongside MITRE ATT&CK mapping, reduce this noise.
  • Efficiency-driving collaboration.  Working in a silo, without visibility of what others are doing or have done, can hinder progress in an investigation or, worse, result in repeated work. Cybersecurity is a team sport, and collaboration is a cornerstone of efficient investigation. Our new Investigation Hub makes this even easier.

How can your solutions help Saudi enterprises improve their cybersecurity posture?
Through Binalyze’s expertise on DFIR, we believe that our presence at Black Hat MEA will be a great enabler for Saudi-based enterprises – covering best practices for managing their DFIR efforts and dealing with incidents.

Binalyze can also demonstrate how enterprises can preemptively protect themselves against future incidents by giving them a more detailed forensic-level view on the incidents to strengthen their defenses. We also collate this data into a highly detailed report and provide IoC mapping to help further deal with security incidents effectively and efficiently.

This visibility and clarification can revolutionize the DFIR practice within organizations, especially for Saudi enterprises, unfortunately, which are increasingly seen as targets by cyber-criminals.

What message would you like to give potential customers and partners attending the show?
We believe that Binalyze AIR can help security professionals have proper forensic visibility at speed and scale throughout their assets in the event of an incident to bring cyber resiliency and provide business continuity.  Security is critical, and having the right solutions to safeguard reputation, data security, and operational continuity means that the suitable investment around DFIR has never been more critical.

Our Black Hat MEA presence is about developing relationships, understanding the most trending and prevailing methods hackers use, and giving customers the solutions to help them stay one step ahead.

Where can visitors find you in Black Hat?
If you want to stop by and meet with our team in person, you can find us at H4.C19.