Seven Reasons to Choose Magnet Forensics Tools
Or Some Great Reasons to Vote for Us in the Forensic 4:cast Awards
We’re extremely proud of the work we do at Magnet Forensics, and there is nothing we like more than hearing from our customers that we are doing a great job (like your nominations for three categories in the Forensic 4:cast Awards!). We took a moment to think about what really sets us apart and what the principles are that we build our Magnet Forensics Tools on and what your feedback has told us about them.
We offer below a round-up of seven reasons that we are a leader in digital forensics:
1. The best all-in-one forensic software experience
Even before we launched AXIOM, IEF had earned a stellar reputation for being able to ingest data acquired from both computers and smartphones. It meant that forensic examiners had a lot less work to do between acquisition, examination, validation, and reporting—and more importantly, that they made connections they might not otherwise have been able to make.
This value has only matured within AXIOM, which integrates even more capabilities to ensure you have access to as much data—and can visualize it in as many ways—as possible. It assembles the data from the multiple sources into an artifact database. AXIOM even allows examiners to queue up multiple devices for imaging and carving.
2. Reliable smartphone data extraction processes
Logical acquisition methods that use documented OS backup processes and commands mitigate the challenges of obtaining physical images from encrypted devices. Our Quick Extraction uses a combination of two acquisition methods in a single extraction process, to produce one logical image with more content/data than can be obtained by either method on its own. The result is a consistent extraction of the highest value content/data from all iOS and Android devices. This makes AXIOM one of the most viable and consistent options for smartphone data extraction.
Furthermore, we make it easy to understand which acquisition methods were used and how data was extracted from each smartphone. By automating activity logging and documentation, we bring the process out from “behind the curtains” to provide clear step-by-step documentation. This extra level of transparency helps you better present your results to stakeholders and in court.
3. Tool-agnostic analysis
We know many in the forensic community resist the use of walled, proprietary tools, so we seek to remove these kinds of artificial barriers from the ability to do good casework where possible. To that end, we ingest acquired images from multiple third-party sources, including JTAG and chip-off extractions, Cellebrite UFED extractions, etc. and include them within our artifacts database for examination. It’s also why we’re making our new Artifact Exchange free to any and all in the community—no purchase needed to write, share, or download XML or Python scripts.
4. Best-in-class chat support… and then some
IEF’s origin is in chat—the ability to parse private messages from what was then Facebook chat. We’ve since grown our chat support capability to include not just Facebook chat, but also chat associated with numerous other browser and smartphone app artifacts, including Musical.ly, Snapchat, Skype, Kik Messenger, and more. Our chat recovery brings back deeper quality, adjunct data such as location, time stamping, and more.
Most recently, of course, our chat support has evolved into something totally new—Magnet.AI’s contextual content analysis, a much more proactive way to process the entire conversation for potential child luring and to narrow chat results out of the tens or even hundreds of thousands of potential pieces of evidence in any given acquisition.
5. The right balance between speed and quality
Reducing case backlogs is top of mind for many investigators, but so is the ability to verify and validate findings for presentation in a court of law. Aside from AXIOM’s source linking described below, the software’s single stage processing brings together acquisition and processing in one solution, allowing you to minimize the time you spend executing basic processing tasks. At the same time, it indexes artifact data so that keyword searches are faster during examination. AXIOM offers all these benefits in the processing stage with very minimal overhead added to processing time.
6. Validation that inspires confidence
A big part of what brought IEF to the forefront of digital forensics tools was its ability to find evidence that no other tool could. IEF is still a go-to tool for many of our customers, and we’ve continued to mature its capability within AXIOM, which not only accesses the file system and registry, but also recovers more artifacts from unallocated space by extracting data from fragmented files that are not sequential or are out of order. AXIOM even carves data left over from deleted apps and files.
AXIOM adds a layer of simplified validation by linking artifacts directly to their location in the filesystem, allowing examiners to duplicate the findings and verify source data location with ease and in less time than other tools. So, whether AXIOM is your primary go-to tool, or you’re using it to validate your primary tool’s findings, the benefit is the same—more evidence in less time.
7. Reporting that works for you and for all
One of the things our customers tell us they like best about AXIOM is its simple, easy to understand reporting. Because AXIOM presents findings exactly the way they are visualized in the analysis stage, there is no need to manipulate findings—they can naturally fit a customized report template.
AXIOM’s True View exporting enables you to present your findings in a customized view that fits your reporting needs. AXIOM has eight views including World Map, Histogram, Timeline, Column, Row, Thumbnail, Chat Threading and Classic. Export them as you see them—chats exported in chat threads, time stamps exported in a timeline view that can easily be inserted into a report template.
Then, simply share the report as is, already formatted. AXIOM’s Portable Case packages the entire case to pass to other stakeholders, allowing you to collaborate without the need for additional software.
Loving Magnet AXIOM and our other Magnet Forensics Tools? Still relying on Magnet IEF to validate every device? Vote for Magnet Forensic Tools now as Forensic 4:cast Computer Forensic Tool of the Year!