What is Magnet AXIOM Cyber?
First, Magnet Forensics has two products with AXIOM in the name: Magnet AXIOM, which is built for law enforcement, and Magnet AXIOM Cyber, which is designed for enterprise or business use. So, what is Magnet AXIOM Cyber?
Magnet AXIOM Cyber is a modern digital forensics solution used to acquire evidence from endpoints for enterprise investigations such as employee misconduct, data exfiltration, and root cause analysis.
In general, Magnet AXIOM Cyber comprises all the features of Magnet AXIOM, plus features that enable it to remotely collect evidence from target endpoints (both Mac and Windows).
Capabilities:
Magnet AXIOM Cyber allows users to:
- complete targeted investigations of individuals in their organization on an as-needed basis, without the need for additional infrastructure. AXIOM Process supports the remote acquisition (depending on the applied license) of drives and memory (both for Windows only), as well as logical files from the file system, even if the drive is encrypted.
- create an agent, deploy the agent to the endpoint, connect to the agent, select and download items of interest, and also add the items to their case (all from AXIOM Process).
Features:
1. Off-Network Collection
Magnet AXIOM Cyber enables users to easily perform remote collections from Mac and Windows endpoints even when they are disconnected from the corporate network. The remote collection can be done covertly, and the collected data is written to AFF4-L, a forensically sound, scalable, open logical container.
2. Advanced Cloud Support
Magnet AXIOM Cyber allows users to gather data from corporate cloud services like AWS S3, EC2, Azure virtual machines, MS Teams, and Slack, which are crucial in helping with insider threat and HR investigations.
Users may also use Admin credentials to easily acquire from Office 365, G Suite, and Box to speed up investigations.
3. Case intelligence
Magnet AXIOM Cyber is equipped with powerful analytics features like Timeline, Connections and Magnet.AI. The analytics tools have been built in from the very first update, so users do not need to purchase or install an extra module or add-on product.
The Timeline feature in Magnet AXIOM Cyber helps users quickly and easily track down malware using relative time filters that are applied to all timestamped evidence items, including data from the file system, memory, or other sources like the cloud or mobile devices.
Connections helps users quickly find and visualize data across every evidence source. For example, users can identify how a specific picture file got onto a device, how it was accessed, and information on file sharing (whether it was shared and the person involved).
Magnet.AI is able to detect conversations and images related to harassment. Its picture classifier also helps reduce noise or junk by finding system icons and graphics within datasets.
Magnet AXIOM Cyber uses technologies like machine learning or CBIR (content-based image retrieval) and data visualisation.
4. Support eDiscovery
Corporate forensic examiners also need to perform collections that support eDiscovery.
Magnet AXIOM Cyber allows examiners to generate a load file that can be imported into an eDiscovery platform.
With this feature, the generated load file can be shared with the eDiscovery team for use in their tool.
Load files generated by Magnet AXIOM Cyber include:
- A plain text delimited file with a .dat extension in the Concordance / Relativity format containing metadata for the included artifacts
- Folders with accompanying natives and text.
- MSG file for email
- HTML chat threads for chat messages from Slack or other chat-based communication services
- Original files for documents, media, and other file-based artifacts
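A completeness check an examiner can run on such a load file before handing it to the eDiscovery team, as an added example that is not Magnet's code. It assumes the default Concordance delimiters (ASCII 20 field separator, ASCII 254 text qualifier, ASCII 174 for in-field line breaks); the column names DOCID, NATIVE_PATH and TEXT_PATH and the sample rows are constructed for illustration and are not taken from an AXIOM Cyber export.

```python
FIELD_SEP = "\x14"  # ASCII 20: default Concordance field separator
QUOTE = "\xfe"      # ASCII 254 (þ): default text qualifier around every field
NEWLINE = "\xae"    # ASCII 174 (®): stands in for a line break inside a field


def parse_dat(text):
    """Return one dict per record, keyed by the header row."""
    rows = []
    for line in text.replace("\r\n", "\n").split("\n"):
        if not line:
            continue
        fields = []
        for raw in line.split(FIELD_SEP):
            if len(raw) < 2 or raw[0] != QUOTE or raw[-1] != QUOTE:
                raise ValueError(f"field not wrapped in text qualifier: {raw!r}")
            fields.append(raw[1:-1].replace(NEWLINE, "\n"))
        rows.append(fields)
    if not rows:
        raise ValueError("load file is empty")
    header = rows[0]
    for rec in rows[1:]:
        if len(rec) != len(header):
            raise ValueError(f"record {rec[0]!r}: {len(rec)} fields, expected {len(header)}")
    return [dict(zip(header, rec)) for rec in rows[1:]]


def check_references(records, present, path_fields=("NATIVE_PATH", "TEXT_PATH")):
    """List (doc id, column, path) for every referenced file absent from the export."""
    missing = []
    for rec in records:
        for col in path_fields:
            path = rec.get(col, "")
            # Load files usually carry Windows-style relative paths; compare with "/".
            if path and path.replace("\\", "/") not in present:
                missing.append((rec.get("DOCID", "?"), col, path))
    return missing


def make_row(*values):
    return FIELD_SEP.join(QUOTE + v + QUOTE for v in values)


# Constructed sample; column names are assumptions, not AXIOM Cyber's actual headers.
SAMPLE_DAT = "\r\n".join([
    make_row("DOCID", "CUSTODIAN", "SUBJECT", "NATIVE_PATH", "TEXT_PATH"),
    make_row("DOC0001", "jdoe", "Q3 forecast", "natives\\DOC0001.msg", "text\\DOC0001.txt"),
    make_row("DOC0002", "jdoe", "line one" + NEWLINE + "line two",
             "natives\\DOC0002.html", "text\\DOC0002.txt"),
]) + "\r\n"
SAMPLE_FILES = {"natives/DOC0001.msg", "text/DOC0001.txt", "text/DOC0002.txt"}
```

Calling `check_references(parse_dat(SAMPLE_DAT), SAMPLE_FILES)` reports the one record whose native file is absent from the export folder; in practice `present` would be built by walking the export directory.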
5. Linux Support
Magnet AXIOM Cyber is able to acquire data from Linux systems. This feature allows users to obtain the most complete picture possible by analyzing that data together with evidence from other data sources.
6. Leverage the Benefits of Cloud Computing
The benefits of hosting applications in the cloud include cost savings and more centralized operations. Deploying AXIOM Cyber in a cloud such as Azure or AWS helps leverage the benefits of cloud computing, as well as the ability to perform off-network remote collections of Mac and Windows computers.
Application and Contribution:
Magnet AXIOM Cyber helps businesses carry out a number of investigations such as:
- Employee misconduct
- Fraud
- IP Theft
- Incident response