Introducing Silo Workspace: the unified, multi‑app investigations suite

Silo Workspace extends beyond the browser to deliver security, anonymity, and control across the apps that are key for today's intelligence mission.

Digital investigations take researchers across the web and into a wide range of internet-connected applications. What used to be as simple as asking a search engine now means following breadcrumbs into specific discussion forums, geo-restricted assets, or structured application data.

Accessing content or following leads into these corners is a challenge. Researchers need to mask their identity and affiliation, prevent malicious content from touching compute resources, collect and process target content, and remain within organizational policy guidelines.

As the number of applications and types of data increase, the security and compliance challenges compound. Building on the industry-leading Silo for Research platform, Silo Apps extends the inherent security, anonymity, and oversight to cover investigations across internet-connected applications and data sets without sacrificing the speed and simplicity that Silo users are accustomed to. 

An integrated workspace for digital investigations

Silo Apps delivers secure, containerized applications in the cloud — purpose-built for online research, open source investigations, threat analysis, and more. 

Silo Apps are grouped into workspaces and are anchored by a Silo for Research browser, which defines the attribution management and fingerprint parameters for the workspace. While each application executes in its own on-demand container, they share a common IP address, data persistence model, and access to common clipboard and Silo Drive data. 

This means that each application works in concert, but under the same specified regional parameters and security umbrella. A link clicked in Telegram opens in the appropriate regionally configured browser, data copied from the browser and pasted into Maltego allows analysis, and visualizations preserve tradecraft and prevent exposure to potentially malicious content. Executing apps in Silo containers enables local system-like interoperability while preserving the inherent security and anonymity of the Silo platform.

Investigation threads need to be kept separate, so different workspaces can be configured with different parameters and apps. Each of those apps operates in concert as described above, but the instances are kept completely separate, preventing any leakage or cross-contamination across investigations. 

Each application is built on-demand in separate containers. Secure communications channels are established between configured apps. As new apps are added, they are configured appropriately. And when apps are closed, user data is extracted, encrypted, and stored — ready to be injected into a fresh app version in the next session. This gives users a native-like, persistent experience while preventing countermeasures that might expose an investigator.

All traffic for all applications routes through the selected IP on the Silo Managed Attribution Network, concealing user identity and geolocation behind authentic, in-region profiles, anywhere in the world. And with Silo Drive, all content is encrypted and stored in the cloud, in separate directories associated with each investigation.

With this release, we’re supporting these apps:

• Telegram - to follow subjects or forums in their native environment
• Maltego - to analyze and visualize asset links and relationships
• LibreOffice - to analyze rich text or CSV files, or to create documents
• Obsidian - to build knowledge maps of your investigations
• Gedit text editor - to create scripts or manipulate text-based files

Additional apps for popular messaging, analysis, productivity, programming, and more will be released on an ongoing basis.

Administrators are just as important

Unlike other approaches, Silo is cloud-native, on-demand platform that minimizes administrative overhead. There’s no instance configuration, capacity planning, patching, or updating; simply sync Silo with your directory and provision user accounts. With Silo’s centralized administrative model, all provisioning, revocation, exceptions, and entitlements are managed in a simple web-based front end. Policies can be defined at the root or any sub-org in the admin-defined hierarchy. And Admins can delegate admin and support roles across users in the organization.

Maintaining oversight of these complex workstreams is a critical requirement. The cost of abuse may lead to compliance violations, undermine investigations, or worse. Verbose user activity data is encrypted with customer-managed keys and logged. APIs allow log extract and management. In the next release, we will provide real-time alerting capabilities and a screen recording of user sessions. The goal is to ensure proper use in high-risk investigations.

Silo connects with your existing enterprise infrastructure, whether automating user accounts through directory synchronization, federating authentication with SSO, or feeding audit data into your SIEM platform.

With access to a broad range of applications in a secure and anonymous research platform, users can follow their investigation threads wherever the path takes them. And administrators maintain the control and oversight over how the tools are being used.

Try Silo for free today and discover how effective and efficient your digital investigations can be.