This post was last updated on June 9th, 2021 at 11:58 am

Dynamic Response with Infocyte Extensions

Enable your teams to amplify their impact and respond at scale with Infocyte Core Extensions. Streamline asset discovery, alert validation, threat detection, forensic analysis, incident response, remediation and recovery within a single cloud based platform that reaches ALL your endpoints.


Infocyte Core Extensions

Collection Extensions

Enable YARA Scanning

E-Discovery and PII Search

Memory Extraction


Evidence Collector

Amcache Parser

Action Extensions

Terminate Process

Host Isolation & Restore

Deploy Infocyte Agent

Recover Files

AppData Artifact Triage

Windows Volume Shadow Copy

Delete File

Disable Service

Delete Registration Key

Fast Investigations, Faster Incident Response.

Collection Extensions

Collect, Analyze, and Understand Risks

Collection Extensions extend what Infocyte and your endpoint security tools collect and how that data is analyzed. For example, you can analyze your own registry keys, run commands, collect logs, enable YARA scanning on your endpoints, and more.

Action Extensions

Provide Security Incident Response at Scale

Action Extensions provide Infocyte and your endpoint security tools a mechanism for making changes to endpoints and systems. For example, you can isolate compromised hosts, install a heavier forensic tool, use Windows Volume Shadow Copy and Recover, perform a memory dump, and more.

Infocyte Extensions GitHub

Collaborate, Build, and Deploy Together

Develop, deploy, and share custom Collection and Action Extensions on Infocyte Extensions GitHub. Contribute and collaborate with other cybersecurity experts to build advanced capabilities and improve endpoint security for everyone.

Advanced & Custom Extensions

1. Add your Extension

From the Infocyte Admin area, click "Add Extension." You can create an Action (Response) or Collection (Analysis) Extension.

2. Code your new Extension

Once you click "Add Extension" you'll be prompted to provide a Name and select a Type. You can code within the embedded editor, or paste your code from GitHub or another source.

3. Save and Activate your Extension

After you code your Extension, you'll simply hit "Save" and be returned to the main Extensions page. From there, you can Activate your new Extension.

If they try it, Infocyte will stop it.