Product Features

5 Ways Magnet AXIOM Is Forensic 4:cast’s Computer Forensic Software of the Year

As Magnet Forensics has grown, we’ve had the distinction of our tools being named Forensic 4:cast Computer Forensic Tool of the Year for each of the last five years. To us, this is an indicator that our strategy of paying careful attention to your forensic examination needs both now and into the future is hitting its target. Here are five reasons why:

1. Versatility Across Law Enforcement, Corporate, and Government Investigations

AXIOM, and IEF before it, came by its reputation through offering the deepest support for the kinds of Internet browser-based chat artifacts investigators needed to build cases for child luring and exploitation.

Today, our artifact support has evolved to include the artifacts found in computer operating systems, memory, and cloud services, with the result that many more investigators have been able to deploy AXIOM for a wider variety of cases, including employee misconduct, intellectual property theft, and even incident response.

2. Forensic Acquisition and Processing Automation Save Examination Time

Backlogs continue to challenge digital forensics labs, which is why we’ve automated much of the process that once took so much time. AXIOM’s automation—along with its performance—has evolved over time: from acquisition and single stage processing, to Magnet.AI’s ability to crawl hundreds of thousands of messages, pictures and videos, to the correlations you can make within Connections—and most recently, the integration of Volatility memory analysis.

The result of all these different forms of automation: you save time on the most tedious tasks associated with a forensic examination, so that you can focus on the tasks that need more of your attention: interpretation and validation.

3. Getting Around Hard Drive Encryption

Hard disk encryption is challenging for law enforcement and corporate investigators alike, so over the past year, we’ve introduced a couple of different ways to overcome it.

It started last year with our Passware integration, which enabled full disk decryption from the AXIOM interface with a known password for BitLocker, TrueCrypt, or PGP Desktop encrypted devices. (We also made Passware Kit Forensic available for purchase from Magnet Forensics.)

Following that integration, we introduced AXIOM Cloud. As of v1.2.2, AXIOM Cloud enabled Corporate examiners to acquire content from Microsoft Office 365 cloud accounts using administrator credentials, instead of end user credentials. This allows you to acquire a user’s content without tipping them off to the investigation, or having to involve the user.

4. An Interface Designed to Focus on Places to Start

The more AXIOM matures, bringing in multiple forms of evidence from multiple data sources, the more refined your results need to be. Rather than present acquired data as if it’s all equal (for example, hex code in the same screen as a chat thread), we present it from the top down so that you’re never overwhelmed. (Read more about our new Case Dashboard to see how we’ve improved even further on AXIOM’s design.)

You start at the high level, filter your evidence, track backward once you’ve determined that something is irrelevant—even drill into the hex code to verify your interpretation. See the evidence in its native format, such as a chat thread or a map, just as you’d see it on a computer; then, construct a timeline across devices, according to the date and time stamps from as many images as needed.

5. Connections in AXIOM Shows Links between Multiple Artifacts and Devices

Whether you’re working a child exploitation case and you need to see how child abuse material was created, owned, and/or distributed, or you’re investigating some kind of data breach and you need to track how files were exfiltrated—or how malware moved across your network—use Connections in AXIOM to correlate artifacts across devices or accounts.

If you’re an expert level user, you can use this as a way to save significant time by no longer having to manually correlate artifacts. If you’re a beginner or intermediate examiner, use Connections to learn the significance of those correlations, why they matter to your case(s), and how they look within the file system.

We so appreciate your continued trust in our software to give you the automation, decryption, third-party tool integration, and ease of navigating forensic data from computers. Vote now to recognize AXIOM as Forensic 4:cast Computer Forensic Tool of the Year!

Related Resources

Blog

Blog

Griffeye products now a part of the Magnet Forensics product suite

Following the announcement that Griffeye would become part of Magnet Forensics, we are thrilled to announce that Griffeye is now fully integrated into the Magnet Forensics family. 

April 12, 2024 • About a 2 minute view
Blog

Blog

Magnet Axiom Cyber 7.10: AWS Sign-in improvements & animated maps

The latest release of Magnet AXIOM Cyber is here, and we’re excited to share new features for analysis and cloud acquisitions.

February 29, 2024 • About a 2 minute view
Blog

Blog

Reviewing email evidence with Email Explorer in Magnet Axiom and Axiom Cyber

With the continued prominence of email in corporate settings, we’re thrilled to unveil a highly anticipated feature to AXIOM Cyber: Email Explorer.

February 29, 2024 • About a 4 minute view
Resource Center Home

Subscribe today to hear directly from Magnet Forensics on the latest product updates, industry trends, and company news.

Start modernizing your digital investigations today.

Top