Find More Evidence That Matters With Magnet AXIOM 3.0

We’re excited to release the most powerful and comprehensive version of Magnet AXIOM: Magnet AXIOM 3.0. With AXIOM 3.0, we’re giving you the ability to recover digital evidence from more sources than ever before (including Mac computers and new cloud sources), a powerful and intuitive new Timeline view, and much more.Find out more about what’s included in Magnet AXIOM 3.0 below and watch a video announcement from our VP of Product Management, Geoff MacGillivray here:




If you’re currently using Magnet AXIOM, you can download the update within AXIOM or in the Customer Portal now. If you haven’t tried AXIOM yet, request a free 30-day trial here.

New in Magnet AXIOM 3.0: Mac Support

With AXIOM 3.0, we’ve introduced the ability to search and recover data from Apple products running macOS. AXIOM can now support decrypting FileVault2-encrypted drives, containers, and volumes, as well as support for parsing artifacts from APFS sources and traversing the File System explorer in AXIOM.

And, in keeping with our artifacts-first approach, we have also added more support for relevant macOS artifacts, including support for parsing user accounts information, FSEvents, connected devices, MRUs and the KnowledgeC database.

Go deeper into our Mac support in this how-to document.




A New Way to Look at Timeline

Looking at evidence through a time lens is one of the most common ways to understand a case, so with that in mind, we’ve greatly improved Timeline to provide you with a dedicated explorer to help you visually understand all timestamped artifacts and file system data in one view. The evidence can be easily filtered and sorted by date/time ranges, specific artifacts/items of interest, and keywords to help making review and analysis easier.

See the new Timeline in action in this how-to article and video.




Get Evidence from New Cloud Sources

With Magnet AXIOM 3.0, we’re incorporating open web data, self-serve data services, and warrant return data from social networks—allowing for building stronger case and drawing correlations between various pieces of evidence.

Facebook Warrant Return Packages

During an investigation, law enforcement may serve cloud service providers—such as Facebook—with a warrant, requesting information on a specific user. To comply with these requests, the service provider will typically return a digital package of evidence for law enforcement to review which includes artifacts for Facebook Messenger conversations, friends, and audit history.

AXIOM can now scan HTML-based warrant return packages from Facebook and identify useful artifacts for investigators.

Facebook “Download Your Info” Packages

Thanks to the General Data Protection Regulation (GDPR) law in the E.U., all online services that store personal user data have had to add features that allow users to download their personal information. These features provide a valuable new data set for law enforcement to work with as evidence when available. Investigators interested in using Facebook’s “Download My Data” feature in AXIOM should utilize the JSON format option from Facebook.

Like the existing Google Takeout capability, this feature will add support for scanning packages from Facebook to specifically pull out artifacts of interest.

Read more about our updates to Facebook here.

Public Twitter Without Credentials

You can now acquire data publicly available from Twitter without having to require the user’s credentials. This includes public-facing tweets from the user, as well as information on who the user is following, and who they follow—information that does not require a warrant.

Learn more about the capabilities of acquiring public Twitter information in this blog.



Slack

Slack has become a hugely popular collaboration platform for employees to easily communicate with individuals or teams using direct messaging.

Corporate investigators, with the account credentials of a suspect, can now acquire and analyze communication data directly from Slack—including public channel discussions and private chat data.

Learn more about Slack support in AXIOM 3.0 here.

Media Categorization Enhancements

We’ve furthered our media categorization capability with our increased compatibility with Project VIC/CAID hash sets. Our redesigned media categorization makes it even easier to focus your investigation on the data that is important to you using Project VIC and CAID data.

See for yourself how we’ve updated media categorization in this blog and how-to video.



Dynamic App Finder Improvements

Dynamic App Finder continues to be a valuable tool for examiners and with AXIOM 3.0, we’ve worked to find and report content of interest in databases on smartphones more reliably. This includes scanning database content for:

– Date/Times
– Geolocation data (coordinates)
– Street addresses
– References to countries/states/provinces/postal code/zip codes
– Email addresses
– Phone numbers
– URLs/URIs

Magnet.AI Performance Improvements

AXIOM 3.0 massively enhances the performance with which images are scanned leveraging Magnet.AI, now allowing for scanning images at a rate of up to or exceeding 25 images per second (when leveraging a GPU).

In addition to increasing the throughput, we have also increased Magnet.AI’s accuracy—making Magnet.AI an even more valuable tool to use in investigations.

New & Updated Artifacts
New MacOS Artifacts

– OS Information
– FSEvents
– User Accounts
– Login History
– Daily.out
-Trash
– Network Profiles
– MRU Files
– KnowledgeC
– USB Devices
– Startup Items
– Bluetooth Devices
– Bash Sessions
– Quarantined Files
– Connected Volumes
– Spotlight Shortcuts
– Installed Applications
– Finder Sidebar Items
– iMessage
– Mail
– Network Interfaces
– Custom Menu Items
– Dock Items
– Calendars (iCS)

New Mobile Artifacts

– Discord (iOS/Android)
– Android Keystore (Android)
– TikTok (iOS/Android)

New Cloud Artifacts

– Slack
– Facebook Warrant Return
– Facebook Download Your Info
– Public Twitter

Artifact Updates

– Slack (iOS/Android)
– Kik (Android)
– Usage History (Android)
– Gmail (Android)
– Telegram (Android)
– Chrome (Android)
– KakaoTalk (Android)
– Messages (iOS)
– WeChat (iOS)
– Grindr (iOS)
– iOS Device Info (iOS)
– Uber (iOS)
– Application Install States (iOS)

If you’re already using AXIOM, download AXIOM 3.0 over at the Customer Portal or within AXIOM. If you want to see how AXIOM 3.0 can give you a better investigative starting point, request a free 30-day trial today!

Want to see the new features in Magnet AXIOM 3.0 in more depth? We’ll be hosting webinars on April 9 for the America, Europe, Africa, and the Middle East and on April 10 for Asia-Pacific, covering all of the new features in Magnet AXIOM 3.0, and showcasing how you can use them to get find more evidence that matters in your investigations.

Leave a Comment

Latest Videos

Digital Forensics News Round-Up, June 12 2024 #dfir #digitalforensics

Forensic Focus 12th June 2024 5:51 pm

Digital Forensics News Round-Up, June 12 2024 #dfir #digitalforensics

Forensic Focus 12th June 2024 5:39 pm

Internal investigations and eDiscovery face rising challenges in the data collection landscape. There is an urgent need to preserve and analyze data; rising costs for server infrastructure and overhead and the increasing complexity and volume of data from emerging sources is overwhelming. Laptops, computers, phones, tablets, cloud sources, and messaging applications – data is stored anywhere and everywhere with employee communications being the riskiest data sources.

The scope and specific challenges of data collection affect organizations and law firms differently, presenting a need for a variety of solutions to best fit their needs. With Cellebrite’s suite of SaaS (Software-as-a-Service) cloud-based collection solutions, corporate investigators and eDiscovery practitioners can close investigations and get to review faster.

Cellebrite's market-leading SaaS based solutions minimize business disruption and save organizations money by:

- Eliminating the need for large upfront costs and maintenance expenses
- Minimizing overhead costs without hosting the solution, no hardware shipping, and no technical calls for assistance
- Minimal and predictable data collection costs, allowing you to scale your usage according to your specific needs and budgetary considerations
- Stay up to date with continuous updates to data sources with updates pushed to the Cellebrite cloud
- Close investigations and review discovery faster with cloud-based innovation
- Manage customer requests and provide transparency throughout your organization across the globe

Watch Cellebrite's webinar where Monica Harris, Product Business Manager, showcases how Cellebrite’s range of SaaS-based solutions have you covered whether you need remote collection across all devices, including computers, cloud sources, chat applications, and mobile devices or full-file system advanced collection capabilities across the widest range of mobile devices and applications.

Internal investigations and eDiscovery face rising challenges in the data collection landscape. There is an urgent need to preserve and analyze data; rising costs for server infrastructure and overhead and the increasing complexity and volume of data from emerging sources is overwhelming. Laptops, computers, phones, tablets, cloud sources, and messaging applications – data is stored anywhere and everywhere with employee communications being the riskiest data sources.

The scope and specific challenges of data collection affect organizations and law firms differently, presenting a need for a variety of solutions to best fit their needs. With Cellebrite’s suite of SaaS (Software-as-a-Service) cloud-based collection solutions, corporate investigators and eDiscovery practitioners can close investigations and get to review faster.

Cellebrite's market-leading SaaS based solutions minimize business disruption and save organizations money by:

- Eliminating the need for large upfront costs and maintenance expenses
- Minimizing overhead costs without hosting the solution, no hardware shipping, and no technical calls for assistance
- Minimal and predictable data collection costs, allowing you to scale your usage according to your specific needs and budgetary considerations
- Stay up to date with continuous updates to data sources with updates pushed to the Cellebrite cloud
- Close investigations and review discovery faster with cloud-based innovation
- Manage customer requests and provide transparency throughout your organization across the globe

Watch Cellebrite's webinar where Monica Harris, Product Business Manager, showcases how Cellebrite’s range of SaaS-based solutions have you covered whether you need remote collection across all devices, including computers, cloud sources, chat applications, and mobile devices or full-file system advanced collection capabilities across the widest range of mobile devices and applications.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_SE7Cl5jkigk

Maximising Data Collection With SaaS Innovations

Forensic Focus 10th June 2024 12:42 pm

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feeds settings page to add an API key after following these instructions.

Latest Articles