Tips & Tricks Webinars
Browse Our Tips & Tricks Webinars
We know many of you are currently working from home and engaging in free learning opportunities is more important than ever.
We are excited to provide you with a wide variety of Magnet Forensics Tips & Tricks webinars. These quick presentations will help you learn about new ways to improve your investigations, and you can find recordings of them below which you can access anytime.
Tips & Tricks Recordings
Tips and Tricks // Piece the Story Together with OS, Memory, and Other Artifacts
Learn how to correlate different artifacts with each other and see the connections that occur between data across multiple types of evidence including computer, mobile devices, memory dumps, external media, and cloud. Then pivot to timeline analysis to help pinpoint the exact offense or step through exactly how an incident occurred. In this Tips & Tricks session, Tarah Melton, Forensic Consultant, will walk through a case using Connections and the Timeline Explorer in Magnet AXIOM and show how artifact correlations and timestamps can help tell the story in your investigation.
Tips & Tricks // Loading Different Evidence Types into AXIOM
Loading evidence in AXIOM is pretty straightforward for most use cases but there are times that certain types of files or images could benefit from some added insight or knowledge on the image formats and the various ways they can be loaded into AXIOM to get the best results for your investigation. In this session we’ll go over some of the most common (and some not so common) ways you can load evidence into AXIOM and see how that may affect the artifacts that get searched, decryption capabilities, or processing speed. We’ll also look at images outputted from various tools and see how they may differ and some of the most common questions we get about them.
Tips & Tricks // Magnet Web Page Saver
Magnet Web Page Saver (WPS) is a perfect tool for capturing how web pages look at a specific point in time. Join Jad Saliba, CTO & Founder of Magnet Forensics as dives into common questions about WPS and digs into the functionality and use cases in this hands-on tips & tricks session. WPS is especially useful in situations where the web pages need to be displayed in an environment where internet access is not available. Magnet WPS takes a list of URLs and saves scrolling captures (“snapshots”) of each page. URLs can be typed in manually or imported from a text file or CSV file. WPS produces an easy-to-navigate HTML report file containing the saved pages, with customized options. This feature is perfect for those web sites containing contraband where you need to pull the information quickly before the criminals alter or change the web page.
Tips & Tricks // Using Identifiers and Profiles in Magnet AXIOM
One of the best hidden features of Magnet AXIOM is Profiles. Profiles allow examiners to group particular unique identifiers found in their case and tie them to a particular person or device. This allows the user to build a persona from data found as part of the investigation and correlate this information across evidence sources. Once a profile is created, filters can be applied to find additional evidence across many sources (computer, mobile, cloud, etc…) about a person based on the identifiers tied to that profile. This can help uncover additional details about a subject that otherwise might have been overlooked by manually searching. Join Jamie McQuaid as he walks through how to build various profiles and apply them to different types of investigations.
Tips & Tricks // Utilizing Magnet Free Tools – RAM Capture & Process Capture
When it comes to capturing RAM what are the best ways to accomplish this? Should I use the command line? Or GUI? Should I include Process Capture. What benefits would I get if I use Magnet Process Capture? Patrick Beaver from Magnet Forensics Professional Services team will dive into these key questions and help you uncover more evidence through memory acquisition with these free tools.
Tips & Tricks // Making Sense of the Media Mayhem with Mac & iOS
It’s estimated that there will be 1.4 trillion photos taken in 2020, with the bulk of those coming from mobile devices. Since 2009, more than1.5 billion iPhones have been sold globally making it easier than ever to capture, share and edit media files. Investigators can often gain valuable clues derived from recovered media file details. In this presentation, Trey Amick, Forensic Consultant Manager, will dig into the Photos application found on both iOS and macOS endpoints, and show examiners the level of detail they can provide in their media investigations.
Tips & Tricks // Portable Case
One of the most important aspects in any digital forensic examination is the need to collaborate and discuss the findings from the case data with other stakeholders. This can include attorneys, other investigators, Human Resources, clients, and more. AXIOM eases this collaboration via Portable Case, enabling those stakeholders the ability to review, tag, and comment on that data, then allowing the merging of those insights back into the main case file by the forensic examiner. Join Tarah Melton, Forensic Consultant, to learn how to create and utilize Portable Cases from AXIOM in your investigations for more efficient communication of forensic findings in your casework.
Tips & Tricks // Dynamic App Finder
It is impossible for commercial forensic tools to be able to keep up with the support of the millions of new and updated applications available on mobile platforms today. Even still, this application data might be vital to your case. In this Tips & Tricks session, Tarah Melton, Forensic Consultant, will demonstrate AXIOM’s Dynamic App Finder (DAF), to show one method of parsing data from these unsupported applications efficiently though the AXIOM interface. Utilizing DAF, we’ll discover how to identify useful data from mobile databases and create custom artifacts to add into AXIOM to analyze alongside our other parsed data.
Tips & Tricks // Custom Artifacts
As new applications are used and updated, forensic tools do not always support every artifact. Often times examiners manually parse artifacts from a variety of sources. What if you could easily automate that parsing for future cases and large data sets… and still analyze those results in your tools? What if you could share your parsers and also use ones from other examiners? What if these results could be analyzed with the rest of the data from the case?
In this Tips & Tricks webinar, we will show the value of using Custom Artifacts in AXIOM to support unsupported artifacts and sources. Join us to learn how you can use templates to parse SQLite or RegEx or Python to create Custom Artifacts for use in AXIOM. Jessica will also teach you how to find custom artifacts created by others on the Artifact Exchange. Finally, you’ll learn how to build, share, and use custom artifacts to help support novel data and support the unsupported.
Tips & Tricks // File System in Magnet AXIOM
Magnet AXIOM is known for parsing hundreds of artifacts from computer, mobile and cloud evidence sources. But in addition to these artifacts, you’ll find that there are a number of useful features in our File System view as well! Enhanced viewers for SQLite databases, plists, and JSON files, and the automatic decoding data from hex are just some of the valuable features we’ll review in this Tips and Tricks session. Join us to see why utilizing AXIOM to dive into the file system can greatly benefit your examinations!
Tips & Tricks // AXIOM Advanced Searches / Regular Expressions
Can regex (regular expressions) be scary? Absolutely! Do you need to be an absolute wizard to start using them? No way! AXIOM advanced searches and column allow forensic examiners to make use of regular expressions to help sort through their data with greater precision. Join Mike Williamson for this Tips & Tricks session, where he makes the case for learning about Regex, and provides several reusable pattern constructs you can begin using in your examinations immediately!
Tips & Tricks // Unlocking Additional Evidence with Artifact Options in AXIOM
When scanning evidence in Magnet AXIOM, most of the time the default artifact selection and options cover a wide range of case types. However there are times when applying additional options for a particular artifact could unlock a wealth of information otherwise thought unavailable. For example, knowing the user’s Windows password isn’t usually necessary to analyze their computer, however there are many apps such as browsers, Zoom, Dropbox, etc. that use the built in Windows data protection controls to encrypt their data on the user’s system. Knowing what these options offer can enable examiners to know when to enable certain features and assist in uncovering additional details that wouldn’t have otherwise been unlocked in the default scan. Join Jamie McQuaid as we walk through some of these options to help you better understand their value to your investigation and when they should be applied.
Tips & Tricks // Harnessing Magnet.AI to Save Time in Your Investigations
The massive amount of text-based and media content involved in today’s digital investigations can make the search for potential evidence a time-consuming task. Machine learning and image recognition tools can help to identify and categorize content of interest so examiners can more quickly uncover the key evidence needed for their cases.
In this Tips and Tricks webinar, Trey Amick, Manager of Forensic Consultants, will show you how to leverage AXIOM’s Magnet.AI machine learning and Content Based Image Retrieval (CBIR) technology to quickly surface, analyze, and classify pictures and chats.
- Automatically detect and categorize potential pictures of drugs, weapons, nudity, or child abuse, and chats containing sexual conversations.
- Find related images—such as pictures of the same room or pictures with similar scenery—with the Find Similar Pictures feature.
Tips & Tricks // AXIOM Reporting Now & Then – Exploring AXIOM’s updated reporting features in AXIOM 4.0
In this Tips and Tricks we will explore AXIOM’s new reporting features and show improvements. Additionally, we will share tips and tricks for users of previous versions of AXIOM to produce desired output comparing how things were done in older versions. We will demonstrate several features such as how to hide and reorder columns a as well as how to create templates that can be reused to save time in future report generation and to standardize reports across an organization.
Tips & Tricks // Opportunities to Find Cloud Data with Magnet AXIOM
It’s very possible that you might have the chance to find cloud evidence while examining computer and mobile evidence in Magnet AXIOM. In this Tips & Tricks webinar, we’ll show you some telltale signs of cloud data sources to look out for when collecting and analyzing computer and mobile data. That cloud evidence could be what unlocks a case, so you’ll want to make sure you’re not leaving any evidence behind.
Tips & Tricks // Acquiring and Analyzing Microsoft Teams Data
Now more than ever, organizations are faced with the need for remote collaboration and many have turned to Microsoft Teams to fill that need. Whether exporting MS Teams data directly from the Microsoft 365 Compliance Center or directly acquiring that data with the Magnet AXIOM Cyber API, examiners have the power to process and analyze the evidence all in a single case file. In this Tips and Tricks webinar, we’ll walk through all of the acquisition options available and utilize AXIOM Cyber to analyze the data.
Tips & Tricks // AXIOM Performance Optimization
In this Tips & Tricks webinar, Brandon Waters, Solutions Consultant, will review how to leverage overlooked performance-enhancing features like temp file location, search speed, and memory analysis search speed along with GPU support for Magnet.AI and how to adjust Windows environmental settings to further improve performance.
Tips & Tricks // Using File System Explorer in Magnet AXIOM
Join Craig Guymon, Director of Solution Consulting, to learn how to take advantage of AXIOM’s File System explorer in your investigations. In this Tips & Tricks webinar, Craig will review several powerful examination techniques that leverage the file system, including how to:
- Create an artifact from a file system file like an executable or log file that can be reported on from the Artifact Explorer
- Save artifacts from the file system to a zip container and keep artifact dates and times intact
- Effectively narrow down the scope of relevant user artifacts from the Artifact Explorer (View Related Artifacts)
- Use the database viewer and plist viewer in the Artifact Explorer
- Use the File system explorer to perform MD5/SHA1 value exports of known good files that can be used later as an “ignorable” list
Tips & Tricks // Aiding ICAC Investigators with Technology Integrations
Many technologies used to capture, categorize, and analyze pictures and videos complement one another, filling gaps in the investigative toolbox. However, when organizations come together to integrate their technologies, they can amplify their results, resulting in aiding more victims.
Join Trey Amick, Manager of Forensic Consultants, in this Tips & Tricks webinar where he’ll demonstrate different technologies that have been integrated into a variety of Magnet tools to help assist ICAC investigators in their investigations. Integrations being discussed during this webinar will include Child Rescue Coalition CPS Data Exports in AXIOM, CRC CSAM detection in Magnet Outrider, and the ability to import NCMEC reports into Outrider for searching against a target machine.
Tips & Tricks // Using Grading and AI for Officer Wellness
Magnet AXIOM has a number of features that have been specifically designed to improve officer wellness in the course of CSAM investigations. In this Tips and Tricks session, Rhys Tooby, Solution Consultant, will walk you through a workflow that can assist with these investigations — addressing the unique challenges and the effects of chronic exposure to CSAM with grading and AI features.
Tips & Tricks // Capture & Scan More Data with Even Faster Speed in OUTRIDER 2.0
Join Trey Amick in this Tips and Tricks session where he’ll review the latest release of Magnet OUTRIDER, a triage tool designed to perform lightning fast previews of computers and external drivers either while in the field or back in the lab. Trey will provide quick tips to maximize your use of OUTRIDER 2.0 and discuss additional time savings for investigators to utilize while collecting and triaging evidence in the field.
Tips & Tricks // Download Your Data
There are multiple cloud platforms that allow users to access their own information directly by requesting it from the Cloud service provider, which could prove extremely valuable in your investigation if you have access from a compliant witness or victim. Magnet AXIOM supports the processing and analysis of many of these evidence sources, such as Facebook, Google, and Skype. In this Tips and Tricks session, join Tarah Melton, Forensic Consultant, to demonstrate the collection and analysis of these types of data and how beneficial it could be in your investigations to get to that data much quicker than a warrant return.