In this webinar series, we’ll have experts bringing their extensive knowledge of the enterprise DFIR space to you! Join us as we identify notable trends in cybercrime, internal investigations, incident response, eDiscovery support, as well as the digital transformation impact on DFIR. We’ll also share valuable tips on how examiners can help protect organizations from damage.

Register for upcoming webinar

Upcoming live webinar

Cyber Unpacked // Are you DF, IR, or both? Navigating the overlap between forensics and incident response

Digital forensics and incident response often overlap in practice but differ in intent: DF emphasizes preservation and prosecutorial defensibility, while IR prioritizes speed, containment, and recovery. For private sector responders, knowing when to apply forensic rigor during an incident can mean the difference between resilience and regulatory fallout. This session examines the ongoing tension between rapid response and evidentiary integrity, illustrating how gaps in preservation can affect investigative outcomes, compliance obligations, and post-incident accountability. Join Doug Metz and special guest Brett Shavers as they explore the trade-offs between containment and preservation, highlight situations where forensic soundness is essential, and provide a framework for deciding when “good enough IR” isn’t enough. Attendees will leave with practical strategies for balancing IR speed with forensic defensibility in corporate environments.

Join Brett Shavers and Doug Metz in their live presentation of Cyber Unpacked at Magnet Virtual Summit 2026!

Register now

Season 2

On Demand Webinars

On Demand Webinars

S2:E1 // Exploring IOCs: Enhancing threat detection and forensics

In this episode of Cyber Unpacked, we explore the critical role of indicators of compromise (IOC’s) in DFIR, focusing on integrating detection rules and frameworks such as YARA, Sigma, and MITRE ATT&CK.

About a 0 minute view

March 17, 2025

computer , corporate , magnet-axiom-cyber

Read More

On Demand Webinars

On Demand Webinars

S2:E2 // The insider threat playbook: A case study in sensitive data exfiltration

Insider threats, particularly those involving intellectual property theft, pose a substantial financial risk to organizations.

About a 0 minute view

May 22, 2025

computer , corporate , magnet-axiom-cyber , magnet-nexus

Read More

On Demand Webinars

On Demand Webinars

S2:E3 // When updates turn rogue: The forensic trail of a supply chain attack

Supply chain attacks are among the most dangerous threats in modern cyber operations — not because they exploit software flaws, but because they exploit trust.

About a 0 minute view

August 28, 2025

cloud , computer , magnet-axiom-cyber , media

Read More

On Demand Webinars

On Demand Webinars

S2:E4 // Voices from the field: Trends, challenges, and what’s next in DFIR

Digital Forensics and Incident Response (DFIR) has evolved rapidly from purely reactive investigations to incorporating proactive approaches that utilize cloud-powered forensics and AI. But while the tools and techniques may have advanced, so too have the complexities: hybrid and remote workforces, supply chain compromises, expanding attack surfaces, and the increasing pressure to collect evidence before it disappears.   In this special episode of Cyber Unpacked, hosts Doug Metz, Senior Security Forensics Specialist, and Jeff Rutherford, Forensic Consultant, bring together a panel of DFIR leaders to explore the state of digital investigations today. We’ll unpack some of the top challenges investigative teams face, from AI’s opportunities and risks to common pitfalls they’ve overcome. They’ll also share how different organizations are adapting, why celebrating internal wins matters, and what trends DFIR leaders should be paying attention to next.   Join us for what’s sure to be a lively discussion on where DFIR is headed, and how you can equip your team to respond with speed, accuracy, and confidence in an ever-evolving technological landscape.

About a 0 minute view

October 9, 2025

Read More

On Demand Webinars

On Demand Webinars

S2:E5 // A Tale of Two Timelines

In digital investigations, time isn’t just a factor — it’s the framework that holds the story together. In this episode, A Tale of Two Timelines, our hosts explore how timeline analysis serves as the backbone of both Incident Response and Digital Forensics. From the urgency of containment to the precision of post-mortem analysis, timelines illuminate what happened, when, and how. On the IR side, Doug demonstrates a streamlined workflow that transforms triage collections into unified, event-driven timelines — automating artifact extraction and correlation to reveal patterns of compromise and recovery. Then, shifting to the forensic lens, Jeff highlights advanced case analysis workflows that visualize activity chronologies, isolate pivotal moments, and export structured data for cross-case correlation. The result: a single cohesive view that bridges rapid response and in-depth examination.   By combining real-time event triage with deep forensic correlation, A Tale of Two Timelines shows how investigators can achieve a clearer picture, faster — and gain a decisive investigative edge.

About a 0 minute view

December 4, 2025

computer , magnet-automate , magnet-axiom , magnet-axiom-cyber , media , mobile

Read More

Season 1

On Demand Webinars

On Demand Webinars

S1:E1 // From zero to YARA hero: Detect malware like a pro

Staying ahead of emerging threats poses a significant challenge for digital forensics and incident response (DFIR) teams.

About a 0 minute view

May 31, 2024

computer , corporate , magnet-axiom , magnet-axiom-cyber , magnet-nexus

Read More

On Demand Webinars

On Demand Webinars

S1:E2 // Uncovering the unseen: Mastering mobile data for internal investigations and eDiscovery

In today's digital landscape, mobile data plays a critical role in internal investigations and eDiscovery.

About a 0 minute view

June 17, 2024

cloud , corporate , mobile

Read More

On Demand Webinars

On Demand Webinars

S1:E3 // Bridging the Gap: Integrating MITRE ATT&CK with Magnet Axiom Cyber

The MITRE ATT&CK framework has been integrated into Magnet Axiom Cyber to help analysts better detect and understand cyber threats.

About a 0 minute view

August 13, 2024

cloud , computer , corporate , magnet-axiom-cyber , mobile

Read More

On Demand Webinars

On Demand Webinars

S1:E4 // Return of the AI: A new hope (or a new threat)

Join Magnet’s Doug Metz, Senior Security Forensics Specialist, and Joe Pochron, Managing Director of Nardello & Co.’s Digital Investigations & Cyber Risk practice, for an in-depth discussion on the impacts of Artificial Intelligence (AI) on cyber investigations within the private sector. We’ll delve into how threat actors are leveraging AI to craft more sophisticated phishing campaigns, the growing necessity for detecting AI-generated images or deepfakes, and the pros and cons of AI-assisted report writing. Also, we’ll explore how Magnet Copilot, an AI-powered tool integrated into Magnet Axiom and Axiom Cyber, enhances your ability to efficiently analyze and interpret vast amounts of digital evidence.

About a 0 minute view

October 11, 2024

corporate , fraud , mobile

Read More

On Demand Webinars

On Demand Webinars

S1:E5 // Forensics in the Cloud: Risks, rewards, and realities for businesses

As DFIR leaders face increasing data volumes, complex infrastructure, and increasing pressure to deliver results faster, many are considering the move to cloud-based forensics solutions. But what does a migration to the cloud look like? Join Doug Metz and Jeff Rutherford for a session designed for leaders looking for real insights and considerations when planning their move to the cloud. This high-level overview won’t just outline the benefits of cloud adoption; we’ll provide a balanced perspective, exploring both the potential advantages and the essential components that may be better suited to remain on-premises. From scalability and collaboration to regulatory considerations and data security, we’ll dive into the practical realities, risks, and rewards of moving your lab to the cloud.

About a 0 minute view

November 22, 2024

cloud , computer , corporate

Read More

State of Enterprise DFIR – 2025 Report

Download the report
Drawing upon a comprehensive survey of more than 350 private sector digital forensic and incident response (DFIR) professionals and service providers, this report—the fifth in our annual series—provides an insider view of the state of enterprise DFIR.