In the latest version of Magnet AXIOM, we’re bringing a lot of new improvements to the most comprehensive digital investigation platform. In addition to an upgrade to our Dynamic Application Finder (DAF), we’ve brought in a variety of enhancements for smartphone, computer, and cloud investigations.
Dynamic Application Finder 2.0
We’ve updated DAF to add to and refine it beyond just chat apps. DAF2 adds support for discovering databases that contain geolocation data, web activity, or contact information. The additional support gives you flexibility in quickly narrowing down the list of databases to just what you’re after in your investigation — allowing you to better interpret and label the data.
You’ll also get more flexibility by mapping data to either pre-defined fields or a custom field of your choosing. This will result in much more refined and complete custom artifacts that are share-ready for the Artifact Exchange.
Acquire Office 365 Cloud Accounts using Administrator Credentials
Corporate examiners can now acquire content from Microsoft Office 365 cloud accounts using administrator credentials, instead of end user credentials — allowing you to acquire a user’s content without tipping them off to the investigation, or having to involve the user.
Various Improvements to Mobile Acquisitions, Cloud Artifacts, Connections and AXIOM Filtering
In addition to greatly improved stability and reliability of logical image acquisitions from an iOS or Android device, AXIOM 1.2.2 includes a number of filtering improvements. Filtering specific information has long been a huge strength in AXIOM, and AXIOM 1.2.2 takes it further with the ability to:
- See hit counts within the media categorization, keyword/keyword list, and tags filters
- Combine date and time filters into a single filter
- Type a date or time range via the keyboard
- Easily distinguish parsed and carved artifact hits by sorting on the “Location” fragment, helping separate and understand where the evidence is coming from
- Find similar pictures in a case leveraging the PhotoDNA hash by applying a quick filter to show photos that are ‘close matches’, but not identical matches
We have also improved existing artifacts, or added new artifacts to AXIOM Cloud, with support for the acquisition of iCloud photos and iCloud drive/files, as well as supporting the ability to specify only a particular set of folders to acquire for Box.com, iCloud and Dropbox services.
And now running a building job using Connections in AXIOM has gotten much faster — with testing data showing connections built in as little as 6 minutes, down from 3-4 hours!
Categorizing Parsed Videos with Project VIC Data
Examiners now have the ability to use Project VIC data to categorize known child exploitation videos, in addition to the photo data that was previously available in AXIOM. You can now conduct the hash matching during categorization workflows in AXIOM, and apply the appropriate categorization to a video hit. Examiners can then filter for known content in the media categorization filter, see both picture and video content with applied categorizations, and include it in a report.
New Artifact Support
- Dropbox in MACOS 10
- Chatstep for Windows
- App Usage History
- SMS/MMS/RCS (“part” table)
- Photo dimensions
- Facebook Messenger (Android)
- Twitter Direct Messages (iOS)
- Installed Applications (iOS)
- Device information iOS 8/9/10/11
- Kik (iOS/Android)
- MS Word Documents
If you’re a customer, download Magnet AXIOM 1.2.2 from the Customer Portal now. Want to try AXIOM? Get a free 30-day trial here.