Webinar Replay Series for Law Enforcement Investigations
If you missed out on some of our recent webinars, we’re offering you another chance to view them and submit your questions. Register for the webinar of your choice below.
Getting a More Complete Picture Using Cloud Evidence
February 18
– 11:00AM EST
– 1:00PM EST
– 9:00AM EST
Abstract:
Data from cloud-based services can be invaluable in helping round out evidence for your investigations. However, there are often challenges with using the evidence even once you have acquired it from a suspect, victim, or even witness.
Investigators now have ways to use cloud data that goes beyond simply acquiring evidence from a user’s cloud services.
Join Curtis Mutter, Sr. Product Manager, to learn how you can use Magnet AXIOM Cloud to leverage warrant returns, publicly available information from services such as Twitter and user-requested archives (e.g. Google Takeout) so you can get a more complete picture of a person of interest’s online persona and activity.
Addressing the Challenges of ICAC Investigations
February 25
– 11:00AM EST
– 1:00PM EST
– 9:00AM EST
Abstract:
Internet Crimes Against Children (ICAC) investigations can often take the biggest toll on law enforcement agencies. Between the disturbing situations these cases arise from, the sheer volume of evidence, and the lasting effects that exposure to Illicit Images of Children (IIOC), there are a number of stress points that can have lasting repercussions for agencies and examiners in particular.
In this session, we’ll talk about some of the challenges presented by ICAC investigations and share how Magnet Forensics is working to help labs work through ICAC cases faster and recover defensible evidence while providing ways that promote officer wellness by minimizing over-exposure to IIOC.
macOS: Forensic Artifacts and Techniques that are Essential for Mac Investigations
March 5
– 11:00AM EST
– 1:00PM EST
– 9:00AM EST
Abstract:
Mac investigations can be challenging for a number of reasons. Learn about the Apple File System (APFS) and the changes made as part of the update from HFS+, while discussing the best techniques for successfully completing macOS investigations. In this session we will also investigate APFS Operating System artifacts and files such as: KnowledgeC.db, FSEvents, Volume Mount Points, Quarantined Files, and bash history, providing context on how these artifacts will help connect the dots in your investigations.
Memory Analysis for Investigations of Fraud and Other Wrongdoing
March 19
– 11:00AM EST
– 1:00PM EST
– 9:00AM EST
Abstract:
Computer memory is more than just another digital data source in an investigation—it’s a potential trove of actionable intelligence. Faster than acquiring a hard drive and composed of no more than a few gigabytes (compared to potentially terabytes of data), evidence found in memory can focus and shape interviews of compliant victims, witnesses, and suspects, as well as the deeper digital forensic examination of digital media. Using a case scenario involving the cloning of credit card / personally identifiable information (PII), this webinar will show you how to recognize the circumstances in which memory acquisition makes sense, and why it matters. With an emphasis on user activity, you’ll learn how memory analysis delivers otherwise encrypted results, including device and account passwords. Understand memory artifacts including hiberfil.sys, pagefiles, $MFT resident data, registry hives and keys, and why they matter.