Product Features
Magnet AXIOM 6.8

Magnet AXIOM 6.8: Introducing Pre-Processing Date Filters

Magnet AXIOM 6.8 is now available, providing new pre-processing date filters that give you the option to filter results to a specific date or time to easily comply with the conditions of a warrant.  

In addition to pre-processing filters this release also adds a convenient new summary of evidence source details which includes the unique device identifiers and high-level information for each evidence source in a case. This release also adds support for edited and deleted iMessages, which were introduced in Apple’s iOS 16, to help ensure you can easily capture the full context of iMessage conversations in your cases.

You can upgrade to the latest version within AXIOM or over at the Customer Portal.   

If you haven’t tried AXIOM yet, request a free trial here.   

Pre-Processing Date and Time Filters

New in this release of AXIOM is pre-processing date filters which gives you the option of setting a date and time range for the artifacts that will be added to a case. This feature lets you limit the artifact data being collected in order to comply with warrant restrictions around the applicable dates for the investigation.

Or, if there aren’t date restrictions that you need to adhere to, this feature can be used to focus your investigation to the timing of the suspected crime, reducing the volume of evidence that you need to review helping you to work through your cases as efficiently as possible.

Date Range Filter

Evidence Source Details

With this release we have expanded the Case Dashboard to include evidence source details, which provides unique identifiers and high-level information for each device in a case. This helpful summary includes key information like the serial number, device name, model ID, and more for all the devices that were used to source evidence in one convenient location.

In addition to the evidence source details, this dashboard also provides a summary of the recovered artifacts for each device, detailing tags, keyword hits and Magnet.AI categorization. Allowing you to quickly review the devices and artifacts in a case with the context of where each artifact originated.

These new summaries provide a quick and convenient view of the evidence sources in your case, saving you the time required to gather this important information.  

iOS 16 Edited and Deleted iMessages

With the introduction of iOS 16, Apple added the ability to delete or edit iMessages which also meant there were changes to the messages database and implications for the forensic analysis of iMessages. In AXIOM 6.8, we have added new artifacts that help you easily capture the content of edited and deleted messages from Apple devices running iOS 16.

With the popularity of Apple mobile devices, it is estimated that iMessage has about 1.3 billion active users worldwide making it a key data source for many investigations. Magnet Forensics’ Senior Technical Forensics Specialist Chris Vance authored a blog on the implications of the new iOS for Digital Forensics examiners.

With this release Chris has now put together a follow-up piece that outlines how the artifacts in AXIOM have been updated to address these changes and ensure you are able to easily access all the insights from iMessage conversations, as well as iOS reminders and Safari tabs. To learn more read Chris’s latest blog here: Checking in on iOS 16 in AXIOM 6.8.

Automatic Loading of Embedded iOS Keychains 

In AXIOM 6.8, iOS keychains embedded with GrayKey mobile images will be automatically recognized and pre-loaded. This feature saves examiners the step of manually loading the keychain file and helps to mitigate missing the keychain and the additional evidence it can provide from encrypted apps.

Keychain data can contain a wealth of information linked to a users’ Apple account including account names and passwords for websites and applications that can provide critical evidence for a case.

To learn more about how to ingest, process, and parse iOS keychain data, check out the blog, Keychain Pre-Processing and Easier Data Decryption for iOS in Magnet AXIOM.  

New and Updated Artifacts  

AXIOM 6.8 adds a number of new artifacts along with updates to several important iOS, Android, Windows and MacOS artifacts. 

New Artifacts 

  • Cloud Google Hangouts Messages (Warrant Return)
  • iOS 16 Recently Deleted Messages
  • iOS 16 Reminders
  • Safari Suspended State Tabs

Updated Artifacts 

  • WhatsApp Messages
  • iMessage/SMS/MMS
  • Private Photo Vault Media
  • Snapchat Stories
  • TikTok Videos
  • Facebook Messenger
  • Windows 7, 8, 10 User Accounts
  • CUPS Print Jobs
  • Chrome Cache Records

Get Magnet AXIOM 6.8 Today! 

We are continually improving AXIOM to make it our most comprehensive digital forensic platform. When every second counts, it’s important that we do what we can to streamline the primary workflow of examiners. We’re excited that these AXIOM improvements can help to do exactly this. 

If your agency needs to perform remote collections, collect from cloud storage services, or Microsoft Office 365

Related Resources

Blog

Blog

Griffeye products now a part of the Magnet Forensics product suite

Following the announcement that Griffeye would become part of Magnet Forensics, we are thrilled to announce that Griffeye is now fully integrated into the Magnet Forensics family. 

April 12, 2024 • About a 2 minute view
Blog

Blog

Magnet Axiom Cyber 7.10: AWS Sign-in improvements & animated maps

The latest release of Magnet AXIOM Cyber is here, and we’re excited to share new features for analysis and cloud acquisitions.

February 29, 2024 • About a 2 minute view
Blog

Blog

Reviewing email evidence with Email Explorer in Magnet Axiom and Axiom Cyber

With the continued prominence of email in corporate settings, we’re thrilled to unveil a highly anticipated feature to AXIOM Cyber: Email Explorer.

February 29, 2024 • About a 4 minute view
Resource Center Home

Subscribe today to hear directly from Magnet Forensics on the latest product updates, industry trends, and company news.

Start modernizing your digital investigations today.

Top