CyFIR Investigator
On-Demand By-the-HourRemote Forensic Investigation, Incident Response Triage & Remediation
Complete Most Investigations Within Our Free 5-Day Trial
Intellectual Property Theft | Sexual Harassment | Insider Threat | Misuse
Scalable capabilities, on-demand and by-the-hour, available now through the
Every company needs digital tools to help detect and respond to a cyber incident. Unfortunately, many traditional solutions are simply too expensive. Even worse, traditional solutions often have restrictive tool architectures that prevent investigators from moving quickly when an attack happens. With worldwide on-demand availability and by-the-hour pricing, CyFIR Investigator is an endpoint investigation and response solution that is affordable and scalable so companies can get the best protection and only pay for what they need.
No Upfront Costs.
Immediate Worldwide Availability!
Significantly Reduce Losses from Cyber Compromises
Deploy Cyber Risk Protection and Deterrence On Demand
Resolve Active or Potential Threats 31x Faster with a Forensic-Grade Investigator
Perform Due Diligence and Document Forensic Evidence
Affordable Turnkey Cyber Investigation and Incident Response
CyFIR Investigator provides fast, scalable, and easy-to-install access to enterprise forensic capabilities. With on-demand and by-the-hour licensing through the AWS marketplace, CyFIR Investigator makes turnkey cyber investigation and incident response accessible to companies of any size because you only pay for what you use. CyFIR Investigator can be spun-up in AWS in under 15 minutes. Once your investigation is complete, spin-down your instance. Many of your investigations can be completed within our 5-day free trial, so what are you waiting for?
Eliminate the Need for Dead Drive Forensics
CyFIR Investigator eliminates the need for dead drive forensics with remote installation, investigation, and remediation capabilities available worldwide in minutes—not weeks, months, or years. Additionally, CyFIR Investigator offers Image Analyzer technology to scan one computer or your entire network concurrently to ensure no inappropriate images exist that could threaten your workplace or your brand.
Affordable Cyber Resilience
With fast installation and by-the-hour pricing, CyFIR Investigator significantly reduces the cost and time needed to investigate a cyber incident.
Small to Mid-Sized Businesses
Formalize Incident Response Plans by renting the CyFIR Investigator Platform
- Rent a CyFIR platform for a specific incident
- Easy setup and configuration with pre-built CyFIR instances from AWS Marketplace
- Available immediately with no large upfront costs
- Handles more than incident response
- Practice your Incident Response Plans with ease
Managed Security Service Providers
Fast deployments that let you focus on growing your business
- Expand your services menu to include additional offerings
- Quick and easy deployment lets you take on larger jobs
- Pass costs to customer with time-based rental and no upfront capital expenditures
- No limitations to number or size of engagements by spinning-up multiple CyFIR instances for immediate response
- Increase market share without spending money on large up-front costs of traditional investigative tools
Large Enterprises
Gain visibility across global assets and networks
- Rapidly expand visibility into global assets at scale
- Visibility across your entire network simultaneously in a hybrid cloud/metal environment
- Scale CyFIR stacks quickly to support large or complex breaches
- Reduce per-incident costs through rapid deployment, installation, and concurrency
FOR SMBs
Why It Matters
- Rent a CyFIR platform for a specific incident
- Easy setup and configuration with pre-built CyFIR instances from AWS Marketplace
- Available immediately with no large upfront costs
- Handles more than incident response
- Practice your Incident Response Plans with ease
FOR MSSPS
Why It Matters
- Expand your services menu to include additional offerings
- Quick and easy deployment lets you take on larger jobs
- Pass costs to customer with time-based rental and no upfront capital expenditures
- No limitations to number or size of engagements by spinning-up multiple CyFIR instances for immediate response
- Increase market share without spending money on large up-front costs of traditional investigative tools
FOR ENTERPRISES
Why it Matters
- Rapidly expand visibility into global assets at scale
- Visibility across your entire network simultaneously in a hybrid cloud/metal environment
- Scale CyFIR stacks quickly to support large or complex breaches
- Reduce per-incident costs through rapid deployment, installation, and concurrency
With CyFIR Investigator on AWS, you can:
Perform Incident Response or Rapid Incident Response Triage across tens, hundreds, or thousands of computers concurrently.
Remotely investigate a system or systems, even across the world, for internal issues such as:
- Intellectual Property Theft
- Sexual Harassment
- Insider Threat
- Misuse
Search across your network simultaneously for items responsive to an eDiscovery request or legal matter.
Investigate and assess risk on a corporate network across the globe during an assessment or before mergers and acquisitions activities. Know what you’re buying.
CyFIR Investigator can assist you with any remote investigation of desktops and servers that you have, and service providers can create unique CyFIR stacks for each customer to increase their revenues.
- Visibility across your entire network simultaneously in a hybrid cloud/metal environment
- Scale CyFIR stacks quickly to support large or complex breaches
- Reduce per-incident costs through rapid deployment, installation, and concurrency
Live, Forensic-Grade Capabilities, Built for Digital Investigators
Think Forensics First™
See More to Know More and Respond Instantly.
Authorized Insiders
Authorized Outsiders
Rogue Insiders
Unauthorized Outsiders
Outsiders who look like Insiders
Serve More Use Cases
Data Exfiltration
Internal Threats
Privacy
HR Violations
Malware
with Forensic-Grade Investigations
Endpoint Telemetry Data
File Systems
Registry
Deleted Files
PII Searches
Screenshots
Skin Tone Detection
to Mitigate Risk
Execute Planned Service Restoration Plans
Implement Mitigation Strategies
Identify Unauthorized Network Activity
CyFIR Investigator
Also available with integrated Image Analyzer
How To Access
Follow the step by step process below and be sure to reference the instructional videos.
Select Agents
Select total number of agents below, with or without Image Analyzer.
Complete Transaction
In the AWS Marketplace, select AWS machine that CyFIR agents and servers will run on.
Begin CyFIR Setup
Watch videos below for further instruction.
Hourly Pricing Model
Rates based on number of CyFIR agents permitted.*
Limited time offer for free 5-day trial on < 250, < 1k, and < 2.5k Agent models!
< 5 Agents
$5/hr
$5.50/hr
< 25 Agents
$12.50/hr
$13.75/hr
< 100 Agents
$15/hr
$16.50/hr
< 250 Agents
$20/hr
$22/hr
< 1k Agents
$30/hr
$33/hr
< 2.5k Agents
Contact Us
$38.50/hr
> 2,500 Concurrent Agents
Contact Us
* Pricing does not include additional Amazon Machine fees.
How-To Videos
1) Installing CyFIR from the AWS Marketplace
2) Install CyFIR Investigator from AWS
3)
4) Installing the CyFIR AWS Linux and Mac Agent
5)
6) CyFIR Investigator User Interface
7) CyFIR User Roles Groups and Permissions
8) CyFIR Enterprise Search Part 1
9) CyFIR Enterprise Search Part 2 – Hash Search
10) Working with CyFIR Search Results
11) CyFIR Hard Drive-Directory and File Acquisition
12) CyFIR Live Memory Live Process and Loaded Module Imaging and Acquisition
Learn more in our “CyFIR for the Forensic Investigator” webinar workshop.
CyFIR Investigator
Forensic Analysis & Remote Remediation
Now available on-demand, by-the-hour, through the

“Once we demonstrated the capabilities of CyFIR®, our legal department stopped requesting traditional full disk captures. Today, they just ask us to ‘CyFIR it.’ By eliminating technical and logistical hurdles, CyFIR has been a tremendous help in expediting our cases through increased productivity.”
– Global Cloud Provider, Director