We are thrilled to announce the release of Magnet AXIOM Cyber 6.9. This release adds and expands on a number of features that will help streamline your digital forensics, incident response and eDiscovery investigations, including:
- SharePoint Pre-processing Site Search
- Updated LevelDB Viewer
- Updated YARA Rules Library
In addition to these new features, we’ve also updated several artifacts to keep your evidence sources current with the latest apps and services.
As we near the end of 2022 we have also put together a webinar providing an overview of some of the most noteworthy features that were added into Magnet AXIOM Cyber this year by Chris Cone from our Forensic Consultant team.
You can upgrade to the latest version in AXIOM Cyber or through the Customer Portal.
If you haven’t tried AXIOM Cyber yet, request a free trial here.
SharePoint Preprocessing Site Search
New in AXIOM Cyber 6.9, we have added a pre-processing option for SharePoint to help you zero in on the evidence you need for your investigations. You can now search using keyword matches to pinpoint specific SharePoint sites.
This new option builds on the Microsoft 365 and SharePoint features introduced in AXIOM Cyber 6.7, which provided visibility and the option to acquire SharePoint sites and subsites associated with the targeted account’s organization.
As a popular document storage and management system, SharePoint is reported to be used by more than 250,000 organizations including over 85% of Fortune 500 companies making it a likely source of evidence in your investigations.
Updated LevelDB Viewer
You can now preview the content of LevelDB databases right in File System Explorer, streamlining the review process of this increasingly popular database format. LevelDB is an open-source key-value storage engine developed and made available by Google as “a building block for higher-level storage systems”.
A notable application is Google Chrome’s use of LevelDB to facilitate on-disk storage for popular web-based versions of applications, which can provide important insight into popular communications tools. Chrome is the leading internet browser in the world with a global market share of over 65 percent, and this prominence is even higher when we consider that Opera, Android Browser, Samsung Internet, and Microsoft Edge all use Chromium, the open-source version of Chrome as their codebase.
To see this feature in action, check out our blog and video:
Updated YARA Rules Library
YARA rules are an incredibly important part of malware identification – often the only way of catching the very latest threats because rules are written and shared by the front lines of the cybersecurity community.
To help keep the YARA rules included in AXIOM Cyber current, we have refreshed them to incorporate new and updated rules for ransomware and recent evolutions of prominent malware.
You can also easily add additional rules to the AXIOM Cyber processing engine through the configuration menu. To learn more about how you can work with YARA rules in AXIOM Cyber visit our blog: YARA Rule Processing in Magnet AXIOM Cyber.
As with all releases of AXIOM Cyber, there is also support for several updated artifacts to help keep your investigations current with the latest corporate apps and services developments, including:
- Facebook Messenger
- Google Maps
- Default Browser
- Apple Notes
- Cloud Apple Messages (Warrant Return)
- Quick Look Thumbnails
- Microsoft Teams
- Safari Suspended State Tabs
- Event Logs Script Events