Ingest triage output or analyst context.
Video walkthrough
Auto-IR
Automated incident response, forensics, and playbook execution
Walkthrough
Auto-IR — demo Demo
Product demo — not a live environment.
How it works
- 1 Scope incident
- 2 Forensics connect
SSH-guided collection with playbook constraints.
- 3 Playbook execution
Ransomware, persistence, lateral movement scripts.
- 4 Evidence report
Gap table, timeline, and chain-of-custody notes.
Capabilities
- SSH forensics with guided playbooks
- Ransomware, persistence, and lateral movement scenarios
- Evidence chain and timeline reconstruction
- Gap analysis when collection is incomplete
MCP tools
forensics_ssh_connecttriage_parse_email
Screenshots
Auto-IR — workflow
Add screenshot after recording demo
Auto-IR — output
Add screenshot after recording demo
Related scenarios
Ready to see ClawDesk in action?