Binalyze AIR MCP Server

Tools · 65

• Asset Management List assets in your organization.
• Asset Details Get detailed information about a specific asset by its ID.
• Asset Tasks Get all tasks associated with a specific asset by its ID.
• Acquisition Profiles List acquisition profiles.
• Acquisition Tasks Assign evidence acquisition tasks to endpoints.
• Image Acquisition Tasks Assign disk image acquisition tasks to endpoints.
• Baseline Acquisition Acquire baseline data from specific endpoints to establish a reference point.
• Compare Baseline Compare multiple baseline acquisition tasks for a specific endpoint to identify changes.
• Get Comparison Report Retrieve comparison result report for a specific endpoint and task.
• Create Acquisition Profiles Create new acquisition profiles with specific evidence/artifact/network settings.
• Acquisition Artifacts List available artifacts for evidence collection.
• Acquisition Evidences List available evidence items for forensic data collection.
• Reboot Tasks Assign reboot tasks to specific endpoints.
• Shutdown Tasks Assign shutdown tasks to specific endpoints.
• Isolation Tasks Isolate or unisolate specific endpoints.
• Log Retrieval Tasks Retrieve logs from specific endpoints.
• Version Update Tasks Assign version update tasks to specific endpoints.
• Organization Management List organizations.
• Case Management List cases in your organization.
• Policy Management See security policies across your organization.
• Task Management Track forensic collection tasks and their statuses.
• Triage Rules View YARA, Osquery and Sigma rules for threat detection.
• User Management List users in your organization.
• User Details Get detailed information about a specific user by their ID.
• Drone Analyzers View available drone analyzers with supported operating systems.
• Audit Log Export Initiate an export of audit logs.
• List Audit Logs View audit logs from the system.
• Uninstall Assets Uninstall specific assets based on filters without purging data.
• Purge and Uninstall Assets Purge data and uninstall specific assets based on filters.
• Add Tags to Assets Add tags to specific assets based on filters.
• Remove Tags from Assets Remove tags from specific assets based on filters.
• Auto Asset Tagging Create and update rules to automatically tag assets based on specific conditions.
• List Auto Asset Tags List all existing auto asset tag rules.
• Get Auto Asset Tag Details Get detailed information about a specific auto asset tag rule by its ID.
• Delete Auto Asset Tag Delete a specific auto asset tag rule by its ID.
• Start Auto Tagging Initiate the auto tagging process for assets that match specific filter criteria.
• E-Discovery Patterns List available e-discovery patterns for detecting different file types.
• Policy Management List, create, update, and delete policies in your organization.
• Policy Match Statistics See which policies apply to your assets based on various criteria.
• Task Assignment Management View and manage task assignments.
• Triage Rules Management List, create, update, and delete triage rules for threat detection.
• Triage Tags Management List and create triage tags for threat detection.
• Validate Triage Rule Validate a triage rule syntax without creating it.
• Assign Triage Task Assign a triage task to endpoints based on filter criteria.
• Add Note to Case Add a note to a specific case by its ID.
• Update Note in Case Update an existing note in a specific case.
• Delete Note from Case Delete a note from a case by its ID.
• Export Cases Export cases data from the system.
• Export Case Notes Export notes for a specific case by its ID.
• Export Case Endpoints Export endpoints for a specific case by its ID.
• Export Case Activities Export activities for a specific case by its ID.
• Create Case Create a new case in the system.
• Update Case Update an existing case by ID.
• Get Case by ID Get detailed information about a specific case by its ID.
• Close Case by ID Close a specific case by its ID.
• Open Case by ID Open a specific case by its ID.
• Archive Case by ID Archive a specific case by its ID.
• Check Case Name Check if a case name is already in use.
• Get Case Activities Get activity history for a specific case by its ID.
• Get Case Endpoints Get all endpoints associated with a specific case by its ID.
• Get Case Tasks by ID Get all tasks associated with a specific case by its ID.
• Get Case Users Get all users associated with a specific case by its ID.
• Remove Endpoints from Case Remove endpoints from a case based on specified filters.
• Remove Task Assignment from Case Remove a specific task assignment from a case.
• Import Task Assignments to Case Import task assignments to a specific case.