Meet Magnet Forensics’ Training Team: Danny Norris
Danny Norris comes to us from an extensive background in the US Secret Service and Colorado Law Enforcement. Read on below!
In May 2021, the Biden administration issued several new cybersecurity directives and regulations in an executive order to improve the nation’s cybersecurity.
Sometimes, the simplest of digital forensic workflows net the most time savings, and legal hold requests are no exception. Workflows that use repeatable manual processes, require little to no human input or advanced decision making, and often include batch processing, result in significant time savings.
All signs are pointing to a hybrid workplace—and in some cases a fully remote workplace—being the reality for many businesses. DFIR professionals can reap many benefits from virtualizing their labs: everything from unlocking the ability to perform collections of endpoints not connected to your corporate network to the convenience of working from anywhere with an Internet connection.
In business, there’s a famous adage, ‘cash is king’. When it comes to digital forensics, there’s a new adage, ‘RAM is king’.
Across the board, businesses strive to establish repeatable processes so that they can replicate past successes and avoid repetitive tasks that eat up valuable time and effort. With the volume of incidents and time constraints on DFIR teams, identifying these opportunities and efficiencies is essential to managing an ever-growing caseload.
In Magnet AXIOM 6.3, we’ve continued to expand the incident response capabilities of AXIOM Cyber—further developing recently introduced features and adding new ones along the way. This release also introduces a new processing option that can expedite your investigations and help you get to your evidence faster.
When Apple originally released the Find My app (which creates Find My artifacts) in 2019, it was limited to locating user devices, but the app has since expanded to find more than just users’ devices. AirTag data, for example, has also been included in the Find My app since AirTags were released in 2021.
Processing evidence sources that contain terabytes of data and hundreds of thousands of artifacts is now a common and sometimes time-consuming process. Magnet AXIOM and Magnet AXIOM Cyber offer you more control over evidence processing by offering the option to process evidence with parsing-only and post-process carving—allowing you to apply the appropriate collection method for the investigation at hand.
It is no secret that Slack’s popularity has exploded in recent years. Once dubbed “the email killer”, Slack has been implemented by organizations as an efficient collaboration environment, either alongside email or, in some instances, replacing email as their primary internal communication mechanism. Although a large portion of communication and file transfers takes place within Slack, organizations often miss this crucial evidence during an investigation, either due to a lack of understanding or improper retention. Furthermore, organizations should be taking a proactive investigative approach and onboarding Slack as part of their insider threat program.