Infocyte's cloud-based platform leverages forensic triage methods to independently inspect and analyze endpoint devices (workstations and servers). The platform consists of a cloud-based Console and Analysis engine hosted by Infocyte (SaaS) and client-side Controller (for minimally invasive agentless endpoint collection) and/or endpoint agents for non-domain devices, or real-time security.
Infocyte inspects volatile memory and collects a wide-array of endpoint forensic data across Microsoft, Linux, and Mac operating systems. This data is then enriched with threat intelligence sources and Infocyte's patented artificial intelligence-providing a more comprehensive picture of the state of endpoints. We call this process Forensic State Analysis (FSA).
This getting started guide is intended to provide instructions for administrators who will be deploying and configuring Infocyte Cloud.
Preliminary Planning Actions
1) Determine Endpoints to secure with Infocyte
2) Determine Stakeholders and Owners for the following
- Change Management Approval (Internal P&P)
- Network Credentials
- Firewall and Networking
- Anti-virus and Security Appliance Configuration
- Software Deployment Approval (Internal P&P)
Note: The attached Planning Template can be used, all or in part, to help document your steps above. If you complete this document, the Infocyte Onboarding team can better assist you in your deployment needs. Filename: Planning Template and Questionnaire.xlsx (Linked below)
The first communication you will receive from Infocyte will include a link to your newly created Infocyte Instance and a temporary password, unless you have multiple SaaS instances with Infocyte. In which case, your Infocyte representative will let you know when the new instance is created. In this case your credentials will be the same based on Single Sign-On standards. Once you receive notification, you will be able to navigate to your instance to change your password or to begin the configuration process.
2) Based on your preferred access method from Step 3 in the preliminary steps, download either an Agent or a Controller. For Agent installation, this step will need to be repeated, but can be automated with CLI commands, or Network Admin Tools such as GPOs or Remote Management Tools. Click here for information on Controller (Agentless) Installation.
4) Create Target Groups for your devices from Step 1 in the preliminary steps.
5) Test your completed setup by running a Manual Scan of one or more devices.
6) If your scans completed, you have successfully installed Infocyte.
Infocyte is always available to assist further, and your Infocyte point of contact can be reached out to for Basic and Intermediate level training. Support is also always available at firstname.lastname@example.org.