At Magnet, we are using Artificial Intelligence to transform the way digital investigators uncover, analyze, and interpret evidence – unlocking insights once thought impossible.
This session examines how digital evidence reshapes discovery obligations in criminal prosecutions, from identifying what must be disclosed to crafting effective discovery requests. Participants will explore practical strategies for managing large volumes of digital material, understanding examiner reports, and ensuring timely, complete, and transparent disclosures. The focus is on aligning legal obligations with the realities of how digital evidence is created, stored, and reviewed.
As more digital activity migrates to the cloud, investigators need to adjust their legal processes to align with the realities of online data storage. In this episode of Legal Unpacked, Justin Fitzsimmons will examine how to draft effective search warrants for cloud-based data, including the need to understand the types of user information providers actually collect and store.
You’ll learn the importance of reviewing and preserving key service documents, including terms of service, privacy policies, cookie policies, and screenshots of provider-facing dashboards or archive tools, to demonstrate what data exists and how the companies retain it.
There will also be an emphasis on defining, with precision, the types of data relevant to the investigation and supporting each request with the information courts expect: a clear explanation of the specific data sought, how that data is generated through user or system activity, where it resides within the provider’s infrastructure, why it is relevant to proving elements of the offense, and how it may help attribute the activity to a specific user. This approach provides a practical framework for satisfying the requirements of probable cause and particularity, while making your request intelligible and credible to both courts and service providers.
Explore how DFIR supports NIS2 compliance with rapid analysis, evidence preservation, and defensible reporting.
Have you considered cloud storage but don’t know where to start? Worried about being locked into a storage solution with no way of ever getting out? Then this session is for you. Join us to learn about how the Seattle PD effectively manages large amounts of digital data and efficiently moves data from on premise storage systems to the cloud. From policy to technology and operational considerations, this session will highlight how Seattle PD and Magnet Forensics work together to migrate petabytes of digital evidence to the cloud, allowing you to understand the advantages and complexities of cloud storage and data migration, and to build confidence in hosted digital evidence management today and into the future.
Join us for a live, interactive Ask Me Anything (AMA) session where you can ask questions directly to seasoned digital forensics experts and get practical, real-world guidance on strengthening eDiscovery from the earliest stages of a matter.
While ransomware grabs headlines, business email compromise (BEC) quietly causes billions in losses every year. For private sector responders, these cases present unique investigative hurdles: social engineering, subtle logins, wire transfers, and abuse of legitimate SaaS features. This presentation dives into the forensic artifacts and investigative playbooks for BEC cases, including Office 365 sign-in logs, forwarding rules, OAuth abuse, and transaction metadata. We’ll explore how to triage compromised accounts, correlate access patterns with financial events, and present findings in a way that supports both containment and legal/regulatory needs. Whether you work in corporate IR, legal, or compliance, this session will equip you with the tools to tackle one of the most common—and costly—forms of corporate compromise.
Digital investigations continue to grow in scale and complexity—putting pressure on teams to surface the right evidence quickly, without compromising analytical depth or defensibility.
In this webinar, we’ll provide an overview of Magnet Axiom, highlighting how the platform supports end‑to‑end digital investigations across devices, cloud, and intelligence workflows. We’ll showcase what’s new in Axiom 10.0, including Artifact Post Processing, which gives examiners more control over time‑to‑evidence by allowing artifacts to be processed iteratively as cases evolve. We’ll also highlight enhancements to intelligence workflows, including deeper integration with the Griffeye Intelligence Database (GID), enabling faster, more consistent categorization and improved sharing and collaboration of intelligence across cases.
Attendees will leave with a clear understanding of how Axiom helps teams work faster, adapt to changing investigative priorities, and build stronger, intelligence‑driven cases.
By Chad Gish Key insights The Windows pagefile.sys is a fundamental source of evidence in digital forensics investigations and incident response. When live RAM capture is unavailable, either due to a system shutdown, oversight, or other factors, this system-managed file can serve as the last resort for recovering critical memory-related evidence. Some examples of artifacts … Continued
I have spent a lot of time thinking about the places where digital forensics actually happens and not just where it is supposed to happen.
