Magnet AXIOM 5.2: Beta Available for Cross-Case Searches and More Facebook Public Data Acquisition
We’re proud to announce the availability of Magnet AXIOM 5.2!
You can upgrade to AXIOM 5.2 within AXIOM or over at the Customer Portal.
With AXIOM 5.2, we are announcing the expanded support of Facebook public-facing data acquisition and even more filtering options for Media Explorer. And we’re releasing beta functionality, called Project Prague™, for a new feature that introduces the concept of cross-case searching for tagged identifiers and analytics. As with the previous release for AXIOM 5.0, these features and updates help to streamline the workflow of examiners and decrease time to evidence during investigations.
If you haven’t tried AXIOM or AXIOM Cyber yet, request a free trial here.
Search Cross-Case for Tagged Identifiers: Project Prague Beta
For large-scale investigations, crime analysis, and intelligence gathering, cross-case sharing of information can be hugely beneficial. For example, if you were looking to identify the serial number of a camera across cases in an ICAC investigation, our new beta feature, Project Prague, would allow you to do so. If you were looking for a specific username in a drug or weapons investigation across cases, Project Prague would be a great fit.
This cross-case sharing of information is one way in which we’re looking to help support our users, and while we’ve introduced beta functionality in Magnet AXIOM (and Magnet AXIOM Cyber for that matter, too), we are looking for critical feedback. Project Prague beta currently includes cross-case searching for tagged identifiers (e.g., names, emails, screen names, serial numbers, etc.) and analytics, but your feedback can help inform the final design. Some of the current key features of the Project Prague Beta include the ability to:
- Push specific identifiers of interest to a user-controlled Prague database
- Track instances of identifiers across different cases
- Query all identifiers in a case so they can be matched to identifiers of interest in Prague
- Tag all hits relating to the matching identifier in a current case
- Create a report outlining all details for matched identifiers and contact information for each
If you’re interested in testing out this new beta feature and providing your feedback, visit MAGNET Idea Lab™ and request access.
You can also read up more about Project Prague in “Cross-Case Searching for Tagged Identifiers in Project Prague Beta” or watch this how-to video to see it in action:
Acquire Public-Facing Facebook Profile Data
If a person of interest won’t share their credentials (username and passwords), or obtaining and waiting for a warrant return is stalling an investigation, collecting data from publicly available sources can quickly provide some much needed evidence at the outset of an investigation.
With AXIOM 5.2, we’re expanding the acquisition and analysis support for public-facing Facebook data, which now includes:
- Profile Information (NEW in 5.2)
- Friends list
- Public-facing posts
- Public-facing comments & replies
Profile information includes the “About” information, such as work experience, education, places lived, contact info (address, email address), and other information such as gender, political views, and interests. It is important to note, though, that profile information does not include date of birth. Facebook public activity data can only be acquired when the user’s privacy settings allow for public viewing of profile information, friends list, and posts (e.g., comments and replies to public posts), and is dependent on the user filling out this information for their profile. As always, examiners can analyze the public-facing data acquired from Facebook all in one case alongside the rest of your mobile, computer, and cloud evidence.
More Filtering Options for Media Explorer
With Media Explorer, examiners can now narrow their searches even further with new filter options:
- Global Filter Support for Tags and Comments
- Multipurpose Internet Mail Extensions (MIME) Type Filter
The new filters reduce time to evidence by helping Examiners get to the items they need quickly. The global filter support for tags and comments, for example, works well with results that have been automatically tagged using any of the Magnet.AI picture classifiers. You can use this to quickly filter items such as those classified containing Child Abuse or Nudity classifications. This filter is also particularly useful for filtering to media items associated with artifacts that may have been tagged in the artifact explorer, helping to streamline Examiner workflow.
Read more about media explorer and check out the how-to video with Trey Amick in his blog, “Media Explorer in Magnet AXIOM“.
New Artifacts
- Microsoft Office Backstage // Windows
- Zello Messages // iOS & Android
- Zello Profile // iOS & Android
Updated Artifacts
- Apple Mail
- Google Photos
- Grindr
- LNK Files
- Messages
- Outlook Emails
- Owner information
- Photos
- Pictures (TIFF)
- Safari History
- Skype Activity
- Snapchat
- Telegram
- Tumblr
- Wickr
Get Magnet AXIOM 5.2 today!
We are continually improving AXIOM to make it our most comprehensive digital forensic platform. When every second counts, it’s important that we do what we can to streamline the primary workflow of examiners. We’re excited that the improvements with AXIOM 5.2 can help do exactly this.
If your agency needs to perform remote collections, collect from cloud storage services, or Microsoft office 365, check out what’s new in AXIOM Cyber here.