FastTriage - Triage Package Analysis & Threat Hunting Platform

Parse and analyze your triage packages, all in one place

The platform allows you to parse triage packages from tools such as CyLR or KAPE, and perform package analysis to determine if it is potentially affected by a cyberattack. All your packages in one place. Quick, simple, and easy.

Analyze your triage packages with our Threat Intelligence

Using a multitude of detection rules allows us to detect anomalies or suspicious behaviors in any artifact.

Deep Analysis

Our platform's deep analysis allows the analyst to perform precise IOC searches using custom SQL queries. It also allows the analyst to select rows of interest for investigation, adding them to the timeline.

Case management with a centralized information

FastTriage allows you to group different triage packages and relate them to each other, IOCs, network information, detection rules, timeline, and more.

Custom Rules using SQL

FastTriage works using SQL, allowing for advanced searches across artifacts using SQL queries. This allows for the creation of custom rules to detect threats or malicious behavior. These custom rules can also be run on all packages or cases at the same time, allowing for the creation of a new rule and the mass analysis of all triage packages.

Teamwork To The Next Level

FastTriage allows multiple analysts or incident responders to work on the same case at the same time.

Deep Analysis

Threat Intelligence Custom Rules

Fast and easy

Pricing Plans

Choose the plan that best fits your needs

Features	Free 0€ Get Started	Pro Contact Us Contact Sales
Analysis
Triage package analysis
Deep artifact inspection
Multiple package analysis
Private package analysis
Search
Search strings on artifacts
Advanced search on artifacts
Search using SQL Queries
IOCs search
Custom Detection
Create IOCs
Create Custom Detection Rules
Export data
Query results
Complete artifacts
Timeline
Analysis results
Package parsed database
Network hops
Integrations
AWS Bucket S3
Azure Storage (blob)
FTP/SFTP
API
Others
MITRE ATT&CK Details
Timeline
Case management
FastTriage AI
Private Data (encrypted and 100% anonymous)
Upload limited (300 MB)

Integrations

Integrations with your favorite tools

Frequently Asked Questions

FastTriage allows fast and centralized review of triage packages — system data collected using tools like CyLR or KAPE — helping teams both respond to incidents and proactively hunt for threats.

Unlike an XDR, which is limited to what it sees within its own ecosystem, FastTriage gives you full visibility into raw system data collected directly from the endpoints, even in environments without active agents — making it ideal for initial response, offline analysis, and threat hunting across diverse setups.

Yes, FastTriage Pro offers a REST API that allows full automation — including uploading and analyzing triage packages directly from a SOAR platform or any other automated workflow.

If the malware leaves traces on disk — such as artifacts or behavioral evidence — then yes, FastTriage can detect it through forensic analysis.

Yes, you can schedule a demo to see the capabilities of the Pro version. Additionally, depending on the case, we offer access to our Pro platform for 30 days so that potential clients can evaluate its full capabilities.

Parse and analyze your triage packages, all in one place

Analyze your triage packages with our Threat Intelligence

Deep Analysis

Case management with a centralized information

Custom Rules using SQL

Deep Analysis

Threat Intelligence Custom Rules

Fast and easy

Free

Pro

Why FastTriage?

What advantage does it give me over having an XDR?

Is there any kind of API available?

Is it capable of detecting malware?

Is it possible to schedule a demo to see the capabilities of the Pro version?