New Features

Magnet AXIOM 2.1 Builds on the Advances of AXIOM 2.0

Fresh off the launch of Magnet AXIOM 2.0, we’ve updated Magnet AXIOM. In addition the new Case Dashboard, Volatility integration, and Magnet.AI updates we introduced AXIOM 2.0, Magnet AXIOM 2.1 brings some new updates that will give you more places to find evidence.

Already using AXIOM? Download AXIOM 2.1 in-app or in the Customer Portal. If you want to try Magnet AXIOM 2.0 for yourself, schedule a demo today.

Support for FileVault2 and VeraCrypt Decryption

AXIOM now supports decrypting and scanning VeraCrypt and FileVault2 (HFS+ only) encrypted images with a known password.

For VeraCrypt, you will need to provide a Personal Iterations Multiplier (PIM) value with the password (both can be recovered using Passware Kit Forensic if not known) and FileVault2 will require the wipekey.plist file along with the password. Administrator Access

AXIOM Cloud can now pull audit logs from a admin account with the provided credentials which can be used to assist corporate investigators looking into cases around IP theft, employee dismissal, or other insider threats.

Google Takeout, Windows 10 Timeline and GrayKey Support

In AXIOM 2.1, there are new artifacts available to ingest and analyze:

  • Google Takeout — You can now ingest and process a Google Takeout package in AXIOM Cloud to recover artifacts and information such as Chrome activity, Google Tasks, user activity on a Google account, Google Photos, and Google Keep. ​
  • Windows 10 – Timeline — Timeline is like a browser history, but for a whole computer. It provides a chronology which not only contains the websites visited, but documents edited, games played, images viewed or created, etc..
  • Keychain Data from GrayKey — With 2.0, AXIOM was a clear leader in the amount of artifacts recovered from iOS images acquired using GrayKey devices. In 2.1, we’ve made the two pieces work even better together by providing support for the unique format of keychain data that GreyKey generates.​

Changing Encoding on a Per-Attribute Basis

For examiners working in different territories around the world, it can be incredibly difficult to decode and read artifacts that are recovered from other parts of the world — since sometimes part of the hit is recovered in one encoding and the rest in another. ​

Now you have the capability to change the encoding on a per-attribute basis so you can decode specific columns of content — as needed — when a different encoding is applied.​

Get Magnet AXIOM 2.1 Today

If you’re already using AXIOM, download AXIOM 2.0 over at the Customer Portal. If you want to see how AXIOM 2.0 can give you a better investigative starting point, request a free 30-day trial or schedule a demo today!

Subscribe today to hear directly from Magnet Forensics on the latest product updates, industry trends, and company news.

Start modernizing your digital investigations today.