Skip to main content

Fetch is the data collector responsible for gathering raw forensic artifacts, logs, and system data from various sources. It ensures that all necessary information is extracted and preserved in its raw form before being processed.

Once Fetch collects the data, it passes it to Remi, the AI-powered pipeline that transforms the raw data into a structured format for analysis.

  1. Schema Mapping & Normalization:
    • Remi aligns the collected data with the predefined schema, ensuring all fields (timestamps, event types, metadata) follow a unified structure.
    • Time inconsistencies and format variations are normalized to a standard format, enabling uniform analysis across different log types.
  1. Data Cleaning & Enrichment:
    • Noise, duplicate records, and irrelevant entries are filtered out.
    • Missing data is handled intelligently to maintain data integrity.
  1. First-Layer Detection:
    • The cleaned and structured data is ingested into the detection layer, where preliminary threat analysis is performed.
    • Early-stage indicators of anomalies (e.g., suspicious logins, privilege escalations, tampered files) are flagged for further investigation.

Together, Fetch and Remi streamline forensic data ingestion, ensuring it is accurate, normalized, and ready for advanced detection models.

REMI: Portable AI Pipeline for Field Examiners & Auditors

REMI is a portable AI pipeline that ingests data to identify financial crimes, theft, hacking, and fraud, generating timelines and incident narratives in natural spoken language.

Multi-Threading Allows Multi-Source Concurrent Data Collections

REMI enables fast, multithreaded data collection and forensic imaging, while cleaning and normalizing data for AI analysis, with options for secure archiving and preservation.

Data Correlation That Links Incidents To People & Groups

Data correlation helps investigators and auditors by connecting related pieces of information across different data sources, such as logs, files, and user activities. By identifying patterns and relationships between these data points, it provides a clearer picture of events, enabling a more accurate analysis of incidents, fraud, or anomalies in the system.

Pattern, Behavioral, and Time Analysis Detects Crimes, Fraud, & Hacking

REMI's AI-driven pattern, behavioral, and time analysis detects anomalies in user behavior, system interactions, and login times, revealing coordinated attacks and evolving threats

In Minutes, You Get an Incident Narrative in Natural Language Processing (NLP)

REMI's AI-driven Natural Language Processing (NLP) analyzes unstructured data like emails and chat logs, detecting suspicious keywords, fraud indicators, and communication patterns to help identify insider threats or illicit activity.

Advanced Timeline Groups The Incidents into 15-Min. Intervals By Session ID

REMI automates forensic report creation, generating structured, detailed reports with confidence scores and timelines, allowing examiners to focus on the investigation while reducing manual documentation efforts.

Fetch is Your Single Cross Platform Data Collection Tool

Remote Digital Evidence Collection

✅ Securely collect forensic data from remote machines.
✅ Supports Windows, Mac, Linux, and cloud environments.
Keyword-based targeted collection for precision investigations.

Unified Schema for Cross-Platform Analysis

✅ Standardized schema ensures seamless correlation across log types.
✅ Supports firewall, antivirus, registry, malware, cloud, Outlook 365, and more.
Session tracking to reconstruct attack timelines.

Advanced Malware & Threat Analysis

✅ Detects malware persistence, exfiltration, and rootkits.
✅ MITRE ATT&CK mapping for threat intelligence insights.
✅ Tracks ransomware behavior (encryption, ransom demands, and C2 communications).

Live & Historical Forensic Investigation

✅ Supports EVTX, registry exports, and network logs.
✅ Investigate historical intrusions, insider threats, and active compromises.
GeoIP tracking to pinpoint attacker locations.

Smart Pre-Detection Data Cleanup

Removes duplicates and standardizes timestamps.
✅ Filters out false positives to refine investigations.
Prepares data for real-time Layer 1 detection.

Secure Chain-of-Custody & Audit Logging

✅ Hash-based integrity verification for legal compliance.
✅ Detailed audit logs track every step of the investigation.
✅ Supports court-admissible forensic data collection.