Deep Dive On Portable Case Part One

One of the most important parts of the forensic process is reporting and collaborating on findings. Magnet Forensics has built Portable Case, a feature of Magnet AXIOM and Magnet IEF to help foster that collaboration and make it more integrated, and thus less painful.

Our Director of Forensics, Jessica Hyde, and our Forensic Consultant, Jamie McQuaid are taking an in-depth look at Portable Case to help our customers understand all the benefits and features.

In part one, Jessica gives an overview of Portable Case and its benefits.Using Portable Case to Collaborate

Often during a digital forensic examination, it is necessary to collaborate on a case with other stakeholders. This can include attorneys, other investigators, subject matter experts, translators, human resources, and clients. AXIOM allows the forensic examiner to collaborate in this way via Portable Case.

Sometimes sharing a report is not always the best way for a stakeholder to review data. Often you may have multiple people with differing expertise involved in a case. By sharing a Portable Case, stakeholders can explore the evidence and add their own comments. The examiner can collaborate with the stakeholders and merge their feedback in the form of tags, comments and bookmarks back into the case.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

The examiner has the option to create a portable case containing some or all the artifacts that have been parsed from the case. This allows the examiner to provide the stakeholders with the necessary portions of the case without overwhelming them if it is not necessary.

Workload management
If a case requires multiple examiners, you can pass a portable case to additional examiners. This allows multiple examiners to provide feedback and merge comments. Content review can be shared across a team and the results merged together. With portable case, you can create different content in different portable cases. For example: you can divide the case by type of content with one examiner looking at pictures and videos while another looks at the user’s emails and chats.

No additional license required
Portable case includes an executable so that your stakeholders can look at the case and navigate through the artifact data just as the examiner would and take advantage of the different views and filters. You can share the portable case without the need for an additional AXIOM license.

The portable case provides an easy interface for other examiners or stakeholders working on the investigation. The primary difference is that they will not have access to the File System or Registry views.

Visit the Magnet Forensics blog (https://www.magnetforensics.com/blog/deep-dive-portable-case-part-one/)to learn more about Portable Case features including:
Comment, Tag, and Bookmark

Merge feedback

Relevant Evidence Compliance

Wrapping it up

Part Two
In part two of our Portable Case blog series, Jamie will guide users through a step by step in setting up and sharing a case.

Leave a Comment

Latest Videos

Digital Forensics News Round Up, February 28 2024 #digitalforensics #dfir

Forensic Focus 29th February 2024 4:58 pm

Digital Forensics News Round-Up, February 21 2024 #digitalforensics #dfir

Forensic Focus 21st February 2024 6:19 pm

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts. 

The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data.

Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities.

00:00 – Introduction to Alan Platt
07:00 – Training
12:00 – Workflows
17:20 – Ensuring a secure environment
19:45 – Customer training
20:35 – Helping customers comply with ISO accreditation
25:00 – Validation and verification
27:30 – ISO standards
30:00 – MSAB’s pipeline plans
32:40 – XEC Director 
43:45 – Privacy of user data

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts.

The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data.

Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities.

00:00 – Introduction to Alan Platt
07:00 – Training
12:00 – Workflows
17:20 – Ensuring a secure environment
19:45 – Customer training
20:35 – Helping customers comply with ISO accreditation
25:00 – Validation and verification
27:30 – ISO standards
30:00 – MSAB’s pipeline plans
32:40 – XEC Director
43:45 – Privacy of user data

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_ifoHVkjJtRc

How MSAB Is Managing The Digital Forensics Challenges Of Frontline Policing

Forensic Focus 21st February 2024 3:07 pm

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles