Product Features

Case sharing and collaboration in Magnet Nexus

Internal investigations and responding to cyber security incidents often necessitates leveraging the experience of the broader team to ensure a quick and complete response. Magnet Nexus, SaaS DFIR solution for the investigation of one to thousands of endpoints, allows you to easily share and collaborate on cases within your organization, helping your team work together to reach a quick resolution.

Case sharing in Nexus

With case-sharing capabilities, you can easily select “share case” in the top right of a case details page to make the results of your case available to the rest of your organization, or you can select specific individuals you want to share a case with. Cases shared by other members of your organization will display in your case list, and can easily be toggled on or off by selecting “my cases” or “shared cases” to maintain a streamlined view. A search bar in the case list also helps you quickly navigate to the case you are looking for.

Shared cases can be accessed by staff in any geographic region; they only need an internet connection. The data associated with a shared case is stored in the region selected by the original case owner when they started the investigation to align with any data residency requirements. Just like their own cases, a user needs to have the associated region selected in Nexus to access shared cases.

Collaborating on cases within your organization

In the words of Henry Ford: “If everyone is moving forward together, then success takes care of itself.” With the ability to share cases across your organization, your team can work together on cases regardless of location.

Here is a breakdown of the functionality that is enabled with this new feature:

Add data to the case

The data collected from endpoints associated with the case are added to the case along with everyone else’s acquisition providing a centralized location for all the case data. Team members will be able to see the status of each acquisition initiated by a shared user on the case so that they know when the data is available for their review.

Review and filter the data

Within the case, shared users can review all case evidence broken down by each of the artifact categories and subcategories. Or, they can review just the tagged artifacts and apply new filters and keyword searches to the results to help draw out additional insights.

Tag relevant data

All shared users can tag artifacts in a case providing the ability to truly collaborate on identifying the key evidence. Add tags via the checkbox in the table view or the Hit Details pane for each artifact with attribution to a user account.

Managing your organization

Using role based access controls, company administrators can create and manage the user accounts and monitor usage via audit logs.

Try shared cases in Nexus today

Log in to explore the new case sharing and organization administration options in Nexus. If you haven’t tried Nexus, start a free trial here to check it out for yourself.

Subscribe today to hear directly from Magnet Forensics on the latest product updates, industry trends, and company news.

Start modernizing your digital investigations today.