What is / Forensic Acquisition and Investigation File Analysis?
Malicious File Analysis
It analyzes malicious files—such as scripts, executables, or documents—and explains their behavior. For example, it can identify if a script downloads and executes a payload, modifies registry keys, or establishes persistence mechanisms:

Availability
/ Forensic Acquisition and Investigation File Analysis is enabled by default on versions v2.299.0 and later. Whilst earlier versions optionally used a local LLM if users opted-in, this instead now uses a non machine learning approach.