AXIOM Cyber 6.2: Email Explorer, VirusTotal Integration and Volatile Artifacts.
Only two months after the release of Magnet AXIOM Cyber 6.0, we’ve delivered several new and exciting features in Magnet AXIOM Cyber 6.2, including:
- Email Explorer
- VirusTotal Integration
- Volatile Artifacts
In addition to these new features, we’ve also added and updated artifacts to keep your evidence sources current with the latest apps and services.
If you haven’t tried AXIOM Cyber yet, request a free trial here.
Email Explorer
To help investigators review, tag, and export email evidence, we are thrilled to introduce the new and highly anticipated Email Explorer in AXIOM Cyber. This view presents messages in an intuitive and familiar format that mirrors the appearance of common email platforms, complete with standard filters and search capabilities to zero in on the email evidence relevant to your investigations.
While use of Slack and other messaging apps is on the rise, 74% of workers still rely on email as their primary source of business communication. So, it’s no wonder that a large amount of email evidence appears in most corporate investigations.
To learn more about Email Explorer, check out our new blog post.
VirusTotal Integration
AXIOM Cyber now offers integration with VirusTotal, giving you the ability to quickly check files against their database of known threats.
The more information you have about a cyberthreat, the better equipped you are to remediate an incident and refine mitigation procedures to protect against future threats.
Leveraging over 70 antivirus engines, VirusTotal provides information on known malicious files so that you can quickly gain insight into the history and behaviour of a threat. Any file that is checked in VirusTotal is hashed in AXIOM Cyber rather than uploaded; no other file information is submitted to VirusTotal, maintaining the anonymity of your records.
To learn more about the VirusTotal integration in AXIOM Cyber, check out our blog post.
Remote Volatile Artifact Collection
In AXIOM Cyber 6.2, we’re introducing a new artifact category, volatile artifacts, which allows you to remotely collect live system information. Volatile artifacts can provide unique insights into malware behavior and anti-forensics software or other malicious activities that don’t leave easily detectable evidence trails.
For this new artifact category, we currently support four high-value live system processes: Active Connections, ARP cache, DNS cache and Running processes, with more to come in upcoming AXIOM Cyber releases.
New and Updated Artifacts
As with all releases of AXIOM Cyber, we’ve increased and updated support for existing and new artifacts to help you keep pace with emerging threats.
Here’s the full list of artifact support for AXIOM Cyber 6.2.
New Artifacts
- iCloud Devices // Cloud
- iCloud Server Files // Cloud
- iOS iMessages/SMS/MMS – App Intents // iOS
- Refined Results – User Accounts // All Platforms
- User Accounts // Windows
Updated Artifacts
- Android Contacts
- Android Call Logs
- Android SMS/MMS
- Android Messages
- Apple Notes
- Apple Mail
- Cloud MBOX Emails
- Email Attachments
- iOS Maps
- iOS Wi-Fi Profiles
- iVe – Call Logs
- iVe – Files
- iVe – SMS
- Signal Group Members
- Signal Messages – iOS
- SIM Card Activity
- Snapchat Cached Videos
- Snapchat Chat Messages
- Wallet Payment Cards
- Wallet Transactions
Get Magnet AXIOM Cyber 6.2 Today!
If you’re already using AXIOM Cyber, download 6.2 over at the Customer Portal.
If you want to try AXIOM Cyber for yourself, request a free trial today!