Blog
AI’s Biggest Compliance Problems: Getting AI to Comply Series, Part V
Learn MoreBeating the Market: How to Evaluate AI
Learn MoreAutopsy 4.14 Release Highlights
This blog summarizes some of the highlights of the latest Autopsy release. It’s a new format to give you a summary of the most important changes. The full list of...
Learn moreHow to Use OODA in Your Incident Response Process in 2020: Observe
The holidays are over, we’ve caught up on our work, and it’s time to reload the concept of the endpoint triage OODA loop back into our brains. In this post,...
Learn moreVersion 2.11 Features: Investigation History, Timeline Filtering, and More!
Cyber Triage has two sets of users and we do our best to make them both happy (even though they want different features). The most recent 2.11 release focused on...
Learn moreDeep Learning Brings Fuzzy English-to-Japanese Name Matching Into Focus
Matching thousands of Latin-based names to their Japanese equivalent is a very specific and troublesome problem. It is one of many “edge cases” (i.e., a specific name matching problem) our...
Learn moreOur Chief Scientist presents at AI Week in Tel Aviv
Dr. Kfir Bar presented his speech at AI Week, AI in Any Language: Using Deep Learning to Build Truly Global Named Entity...
Learn morePart 2 of Steve Cohens ACAMS Today article releases.
How AI-Driven Social Media Monitoring for AML Works: Part...
Learn moreSteve Cohen writes another awesome ACAMS Today Article
A Real-Life Blueprint on AI for Sanctions...
Learn moreHow to Use OODA Loop in Your Incident Response Process in 2020
In this post, we’ll cover a unique approach to applying the principles of OODA loop to your incident response process. In the Intro to DFIR series, we talked about specific...
Learn moreWelcome to OFAC Compliance, Apple
Name matching failure results in $467,000 fine and delivers a wake-up call for all companies Once upon a time, it seemed only banks and border security had to worry about...
Learn moreCyber Triage 2.10 Features: Visualization, Exporting, and More
Cyber Triage 2.10 came out last month right before our workshop at OSDFCon, and we wanted to highlight a few user-requested features (recommendation engine visualization, flagging unseen files, and CSV...
Learn moreIntroducing Smart Name Matching for Addresses
Rosette now offers smart matching for person names, addresses, and dates Astaire Avenue, Garland Drive, Lamarr Avenue, Skelton Circle, and Hepburn Circle are real street names in Culver City, CA,...
Learn moreHow to Detect System Configuration Changes – Intro to Incident Response Triage (Part 9) in 2019
This post outlines how you can identify system configuration changes that were made by an intruder during an incident response investigation. We were on a roll with this Intro to...
Learn moreKMWorld Magazine references Basis Tech
Sue Feldman from KMworld magazine references Steve Cohen and other members of the panel recently held at DBTA’s Data summit, in her article about Ethical Issues in AI and Cognitive...
Learn moreSteve Cohen on NASDAQ Trade talks with Jill Malandrino
Steve Cohen talks about how AI built for mission critical applications are making it into...
Learn moreHow to Detect Malware Remnants – Intro to Incident Response Triage (Part 8) in 2019
In this post, we are going to review how to detect malware remnants during an incident response investigation. A fundamental step in any DFIR triage scenario is to determine if...
Learn moreWhat’s in a Persian Name?
How Persian names are composed from history, social class, religious affiliation, and geographic origins This month we have a special blog post by computational linguist and NLP engineer Zina Saadi....
Learn moreHow to Detect Running Malware – Intro to Incident Response Triage (Part 7)
Finding evidence of running malware is critical in DFIR, and this 7th post in my “Intro to Incident Response” series focuses on that. We’re going to cover how malicious code...
Learn moreRosette 1.14 Release: Entity linking to Thomson Reuters PermID, Multi-model language identification
The August release of Rosette 1.14 brings new features to entity extraction and linking, as well as language identification. Roadmap for linking entities to multiple knowledge bases In addition to...
Learn moreIncident Response Recommendation Engine: “You may like this process based on your interest in this file”
We’ve gotten used to websites suggesting products based on our past purchases and browsing habits. Now, your DFIR tool can do the same (well, it will recommend artifacts and not...
Learn moreIntro to Incident Response Triage (Part 6) in 2019: Malware Persistence
This post tackles how to investigate malware persistence during incident response. We’re on a roll on this Intro to Incident Response series after its 2-year vacation. We’re up to posting...
Learn moreSecurity Boulevard references Cyber Triage Blog
Great piece by Tony Kontzer from Security Boulevard about the importance of speed in digital forensics and Incident Response. He references our own Cyber Triage Blog on the same subject....
Learn moreSteve Cohen’s Latest Piece for ACAMS Today
Steve Cohen released his latest article for ACAMS Today alongside Glen Dinetz of eClerx, titled “AI in AML: State of Innovation...
Learn moreIntro to Incident Response Triage (Part 5) in 2019: User Activity
In this 5th article on our Intro to Incident Response series, we dive into investigating user activity. It’s the last that focuses on users, helping investigators understand if an account...
Learn moreWhat’s the Difference Between Entity Extraction (NER) and Entity Resolution?
Entity extraction, or named entity recognition (NER), is finding mentions of key “things” (aka “entities”) such as people, places, organizations, dates, and time within text. Entity mentions are the words...
Learn moreHow to Investigate User Logins – Intro to Incident Response Triage (Part 4) in 2019
In this post in our Intro to Incident Response series, we’re going to focus on investigating user logins to find suspicious user activity. This helps to identify user accounts that...
Learn moreCross-Lingual Search Based on Concepts and Meaning
We’ve recently released this whitepaper which explores a new way to solve cross-lingual semantic search. Rather than use machine translation to translate queries or search records, this approach delivers better...
Learn moreCollect Arbitrary Files Any Time During Incident Response
As we’ve talked about many times before on this blog, speed is of the essence during incident response and endpoint triage. To get quick answers, digital forensics and incident response...
Learn moreJeanne Le Garrec’s interview by French Tech Singapore about Women In Tech
Le Garrec talks all about NLP, text data analytics, deep tech and the work she is currently doing in...
Learn moreBasis Technology Brings Deep Search to Salesforce
Basis Technology acquires KonaSearch to provide millions of Salesforce users access to AI-driven...
Learn moreIntro to Incident Response Triage (Part 3) in 2019: User Enumeration
Two years ago, I started to write a series of blog posts introducing incident response triage that evolved out of DFIR talks I was giving at conferences. I got two...
Learn moreSteve Cohen’s article “The Problem with Magic” Released on FactSet Insight.
Steve Cohen’s article about AI, NLP, financial services, and AML is available on FactSet...
Learn moreCarl Hoffman on NELTP Conference Privacy Panel
Carl Hoffman got the opportunity to be on the Privacy Panel at the NELTP Connect Conference, where he joined other industry experts to discuss emerging trends in litigation...
Learn moreSteve Cohen writes a piece on NLP, words, and identity for ACAMS Today
Steve Cohen’s piece “Impossible Evidence: Words, Identity, and AI” explores the story of Kadiza Sultana, NLP, and...
Learn moreSteve Cohen stops by CSI’s Fintech Focus Podcast
Steve Cohen explains the difference between AI and Machine Learning, how computers learned to understand human language, and why finance needs NLP all on episode 16 of Fintech...
Learn moreCarl Hoffman talks NLP on Experiencing Data Podcast
Featured on another great podcast, Carl Hoffman discusses all things NLP with Brian O’Neill on the Podcast Experiencing...
Learn moreHow to Speed Up Incident Response in 2019: Faster Scoping
In our final post in our series on increasing incident response speed, we’re talking about scoping. As a reminder, we’ve reviewed these digital forensics and incident response (DFIR) phases: Start...
Learn moreChris Mack talks AI for Good at ODSC East 2019
Basis Technology’s VP of Text Analytics, Chris Mack, presented just how AI can be used for Good at the ODSC East Conference...
Learn moreRosette Product Update Webinar 5/29
This one-hour webinar was all about Rosette Text Analytics advancements in NLP: Name Matching, Entity Extraction and...
Learn moreSteve Cohen on Episode 40 of the Podcast AI at Work.
On the 40th episode of AI at Work, Steve Cohen and Talla CEO Rob May, explored how Natural Language Processing is applied today and its possibilities for the...
Learn moreBasis Director of Applied Engineering, Declan Trezise, won AI Night at EIC19!
Declan Trezise won the Speech Competition at the 2019 European Identity and Cloud Conference, earning a cash prize–and the opportunity to speak at an AI conference in...
Learn moreSteve Cohen on Breaking Banks Podcast
Steve Cohen talks about how AI tech is revolutionizing the fight against financial crime on Breaking Banks Podcast...
Learn moreQueue Incident Response Collections to Triage and Prioritize
When DFIR consultants or law enforcement get to a customer site, it can be hard to know where to start a digital investigation, or how to prioritize incident response collections....
Learn moreHow to Speed Up Incident Response in 2019: Faster Analysis (Part 2)
In the last post, we talked about the types of DFIR analysis techniques. Now, we’re going to focus on incident response analysis tools and their role in speeding up investigations....
Learn moreFinding Intrusion Evidence in the Same Folder
Finding digital evidence during DFIR is hard and often involves identifying something suspicious and investigating. One technique is to look in the same folder as a suspicious item to see...
Learn moreGetting Data Into the Communications UI
As part of our work with DHS S&T, we added some new features last year into Autopsy around storing and displaying messaging-based data. You could always store messages and contact...
Learn moreHow to Speed Up Incident Response in 2019: Analyze Faster (Part 1)
This post (and the next) will focus on the best strategies to reduce the time it takes to analyze data during incident response. If you’re wondering why we focus on...
Learn moreHow to Speed Up Incident Response in 2019: Faster Artifact Collection
This post will focus on the best strategies to accelerate data collection during incident response (IR). But, before we lay any strategies on the table, let’s discuss why speed during...
Learn moreHow to Speed Up Incident Response in 2019: Start the Investigation Faster
To improve overall speed in digital forensics and incident response (DFIR), the time it takes to execute each step in the process shown below has to be reduced: Start the...
Learn moreYou Say Jamāl, He Writes Djamel: Influences on Western Transliteration of Arabic Names
When it comes to name searching and matching, each language poses its own unique challenges. Arabic is one of the most complex languages for name-matching applications to analyze. This article...
Learn moreHow Data Annotation Works: Inside NLP and Search, Part IV
Interested search technology—or AI generally? Over the next four weeks, we’re going to take an in-depth (and interesting!) look at the technology that makes modern search tick. This week, we’re...
Learn moreWhy Data & Data Annotation Make or Break AI: Inside NLP and Search, Part III
Interested search technology—or AI generally? Over the next four weeks, we’re going to take an in-depth (and interesting!) look at the technology that makes modern search tick. Today we’re digging...
Learn moreEntity Linking and Too Many (Tim) Cooks: Inside NLP and Search, Part II
Interested search technology—or AI generally? Over the next four weeks, we’re going to take an in-depth (and interesting!) look at the technology that makes modern search tick. This week, we’re...
Learn moreSteve Cohen Featured Speaker on ACAMS Webinar
In the March webinar, Steve Cohen tackled the unique challenges anti-money laundering (AML) departments face when working with AI...
Learn moreYour Search Engine, AI, and You: Inside NLP and Search, Part I
Interested search technology—or AI generally? Over the next four weeks, we’re going to take an in-depth (and interesting!) look at the technology that makes modern search tick. Let’s dive in...
Learn moreHow AI Will Transform RegTech: An Interview with David Schwartz
Ahead of the Florida International Bankers Association’s (FIBA) AML Compliance Conference next week in Miami, Basis Technology decided to interview David Schwartz, President & CEO of the association. From the...
Learn moreDuplicate Document Detection & Cross-Lingual Search
How to automate mundane tasks and find relevant text using text embedding Numbers are great, because they are easy to compare, tabulate and examine. Text? Not so much. But text...
Learn moreThree Ways to Tackle the Black Box Problem: Getting AI to Comply Series, Part XI
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreTransparency Isn’t Enough: Getting AI to Comply Series, Part X
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreWebinar Recording: Deep Learning’s Impact on NLP
In December 2018, our Chief Scientist Kfir Bar presented a 30-minute webinar about: How deep learning is impacting NLP Pros and cons of deep learning for NLP Factors to consider...
Learn moreUnderstanding Explainable AI: Getting AI to Comply Series, Part IX
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreThe Clash of Regulation and Innovation: Getting AI to Comply Series, Part VIII
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreHungarian Names: Challenges For Fuzzy Name Matching
The main façade of the Fisherman’s Bastion.The seven stone towers with their pointed tops symbolize the leaders of the Hungarian tribes who conquered the country in 896 AD. Image credit:...
Learn moreRegulation, Technology, & Financial Crime’s Arms Race: Getting AI to Comply Series, Part VII
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreRosette Cloud 1.12: New Languages for Entity Linking, Better Korean Named Entity Extraction, and Delivery via Docker!
We’re thrilled to announce the latest version of Rosette (1.12). This release features many exciting updates to our text analytics platform, including expanded language coverage, better accuracy, as well as...
Learn moreAI’s Biggest Integration Hurdles: Getting AI to Comply Series, Part VI
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreAI’s Biggest Compliance Problems: Getting AI to Comply Series, Part V
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreCyber Security’s White Knight: Getting AI to Comply Series, Part IV
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreNever Search Again: Getting AI to Comply Series, Part III
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreThe Essential AI Value Prop: Getting AI to Comply Series, Part II
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreWhat Is AI? Complex Technology in Plain English: Getting AI to Comply Series, Part I
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreWhat Is AI? Complex Technology in Plain English: Getting AI to Comply Series, Part I
This fall, we’re sharing a series of blog posts exploring AI’s impact on highly regulated industries and the major compliance barrier that stands in the way: the “black box” problem....
Learn moreAn Honest Guy on AI IV: Entity Resolution, Pragmatism, and the “Black Box” Problem
If you have a low tolerance for buzzwords, you’re in the right place. This interview with Carlos Azeglio, Basis Technology’s senior product manager, gives an insider’s perspective on AI and...
Learn moreRosette Cloud 1.11: New Entity Types, Hungarian Names, and Cross Language Semantics
We’re thrilled to announce the latest version of Rosette (1.11). It’s a big one — lots of exciting new features, enhancements, and improvements. We hope you’ll check it out! TL;...
Learn moreData Source-level Focus in Large Cases
The 4.8.0 release of Autopsy is out and the major themes in the release are: Focus on data source-level review in large cases Keyword search accuracy improvements Tagging efficiencies Plus...
Learn moreAn Honest Guy on AI, Part III: NLP, Finance, and Risk
Financial institutions, historically, have had enough to worry about. With new technology disrupting the industry at an exponential rate, and more variables coming into play constantly, what FIs need is...
Learn moreThe Most Effective Entity Extraction Techniques
A hybrid of entity extraction methods to compensate for various strengths and weaknesses Just as you would never use a screwdriver to insert a nail, each type of entity is...
Learn moreAnalyzing Thai Names: Superstition, History, and Foreign Influence
Names are inherently complex to analyze, match, and resolve in any language, but Thai names in particular are uniquely challenging to understand and match. Naming conventions in Thailand have a...
Learn moreAn Honest Guy on AI, Part II: AI, Hype, and Risk Technology
If you have a low tolerance for buzzwords, you’re in the right place. This interview with Basis Technology VP of Product Chris Mack gives an insider’s perspective on AI and...
Learn moreAn Honest Guy on AI: Limitations and Applications of AI for Risk
If you have a low tolerance for buzzwords, you’re in the right place. This interview with Basis Technology COO Steve Cohen gives an insider’s perspective on AI and its impact...
Learn moreBeating the Market: How to Evaluate AI
Over the course of the past month, we’ve shared a series of blog posts telling you everything you need to know about leveraging AI technology for finance and risk. Missed...
Learn moreWhat Can AI Do for Risk Technology Today?
AI doesn’t have to be capable of half of what’s been promised to make a significant impact on risk technology. You don’t need 1000 machine learning specialists; you don’t need...
Learn moreAutopsy 4.7 Includes Link Analysis, Database Viewers, Triage, and More
With the latest Autopsy release, you have access to many new features and fixes. This post will give a high-level overview of the notable ones. Communications: The previous 4.6.0 release...
Learn moreThe State of Risk Technology
Financial institutions (FIs) are a cornerstone of economic and societal stability, but their size and complexity make it difficult for them to change with markets and technologies. FIs host vast...
Learn moreThe AI Hype Machine: Part II
This spring, we’re sharing a series of blog posts exploring where AI technology delivers on its promises and where it fails to live up to the hype, especially as it...
Learn moreAutopsy 4.6 Includes New Communications Viewers, Encryption Detection, and More.
The latest release (4.6.0) of Autopsy introduces many new features and fixes and this post will give a high-level overview of the notable ones. We’ll dive into details in the...
Learn moreCorrelate Cases and Get Intelligence
Overview Starting with Autopsy 4.5.0, you can now determine when a file or phone number (or other artifact) was seen in a previous case. You can also be alerted when...
Learn moreTriage Media With Autopsy 4.4.0
With the new Autopsy 4.4.0 release, we introduced some new triage features that help you more quickly answer some questions about a hard drive or smart phone. The goal of...
Learn moreAutopsy 4.1.0 Release
Autopsy 4.1.0 has been released after a long drought. So, it has a longer list of features than usual. You can download it from sleuthkit.org. Here is a quick summary...
Learn moreCollaborative Autopsy: How It Works
At OSDFCon this year, we launched a new version of Autopsy with a number of collaboration features. The fundamental interface and end use of Autopsy hasn’t changed with the new...
Learn moreCollaborate on Cases with Autopsy 4.0
At the Open Source Digital Forensics Conference last week, we announced the launch of Autopsy 4.0, the free and open source digital forensics platform that now adds major features promoting...
Learn moreThe Volatility team talks proactive threat hunting with memory forensics (an OSDFCon presentation)
Our final OSDFCon blog series featured speaker is actually a collective: the team behind the nonprofit Volatility Foundation. This year, memory forensics has evolved once more, and the Volatility team...
Learn moreThe advantages of cloud computing for forensic analysis (an OSDFCon presentation)
Google team members are back on our blog this week for another installment of our blog series on the speakers and topics we’re offering at OSDFCon this coming October. This...
Learn moreA case study in new generation timeline tools (an OSDFCon presentation)
This week’s featured speaker in our OSDFCon blog series is Daniel White, a security engineer at Google. Daniel is offering both a lecture at OSDFCon and a half-day workshop the...
Learn morePython Autopsy Module Tutorial #3: The Report Module
It’s time for the final Python tutorial in this series and just in time to give you a chance to write something for the OSDFCon Autopsy Module Competition. In our...
Learn moreIntroducing SQUID: Don’t miss evidence because the app updated! (an OSDFCon presentation)
This week we continue our blog series covering the speakers and topics we’re offering at OSDFCon in Herndon this coming October. Ryan Benson, a digital forensic examiner at Stroz Friedberg’s...
Learn moreA plugin that overcomes the limits of traditional blacklist file-hash comparisons (an OSDFCon presentation)
This week we continue our blog series covering the speakers and topics we’re offering at OSDFCon in Herndon this coming October. Michael McCarrin and Bruce Allen, Research Associates at the...
Learn moreInferring Past Activity from Partial Digital Artifacts (an OSDFCon presentation)
This week we continue our blog series covering the speakers and topics we’re offering at OSDFCon in Herndon this coming October. Jim Jones, Associate Professor of Computer Forensics and Cybersecurity...
Learn moreOpen Source Live Data Collection for Incident Response (an OSDFCon presentation)
With this year’s topics and speakers now lined up for OSDFCon, we thought we’d take the time to highlight each speaker’s work that led them to join us in Herndon,...
Learn more
