Key Capabilities / Features

On- or off-network remote collection: Reliably and covertly perform on- or off-network remote collections of Mac, Windows, and Linux devices to an AFF4-L forensically sound container. Acquire and analyze artifacts from single physical drives and volatile memory to see the full picture. Collections automatically resume if a target goes offline and reconnects. Use targeted locations to acquire only the data that is relevant. Scale up remote data collection by easily combining Axiom Cyber with Magnet Nexus—a closed-based remote endpoints investigation solution—to collect from multiple endpoints simultaneously, and process data at cloud-powered speeds.

Actionable case intelligence: Data visualizations, such as Timeline and Connections, connect the dots between all the artifacts in your case to help you understand what happened when, or the relationships between data and people. Quickly know where to start when investigating complex cyberattacks by identifying TTPs with MITRE ATT&CK®️ framework integration using SIGMA rules, YARA rules integration, and MFT parsing. With new AI tools like Magnet Copilot, enter questions about conversation threads or web searches in a chat style interface and Magnet Copilot will highlight relevant artifacts from your case.

Powerful artifact recovery and filtering: Our artifacts-first approach means relevant data like pictures, documents, chats, and browser history is immediately brought to light. Plus, advanced parsing and carving techniques get the most data from each evidence source. Rapidly identify relevant artifacts using keyword list filtering.

Time-saving workflows: Speed up investigations with features like queued collection and targeted location profiles that minimize manual and repetitive tasks, allowing examiners to focus on data analysis, not configuring the tool.

Intuitive data views: Multiple views, like Email Explorer, Mobile View, and the Cloud Insights Dashboard, provide the needed context to work through data more efficiently.

How we are different

Magnet Axiom Cyber is different from other digital forensics solutions by providing:

1. Ease-of-use: Spend time on generating results, not figuring out tools. Unlike complex legacy forensics solutions, Axiom Cyber was built to be intuitive and easy to use. “It’s so user-friendly that you can just literally give Axiom Cyber what you want, and it will produce the results for you.” – Jamie Stokes Senior Digital Forensics Investigator

2. Analyze data from any data source, including third-party data, for the most complete digital dataset, including:
> Mobile: Process and analyze iOS and Android extractions with Magnet Verakey integration and support for third-party tool extractions.
> Computer: Recover evidence from Windows, Mac, Chrome, and Linux devices. Analyze RAM, browser history, deleted files, and more.
> Cloud: Acquire data—using client or admin credentials—from corporate cloud storage services like AWS S3, EC2, and Azure in addition to other cloud sources including Microsoft 365, Google Workspace, Box, Dropbox, Slack, and iCloud.

3. Open solution and AI-ready: Always be ready for what’s next. Magnet Forensics solutions are open by design and intention, and with AI analysis tools such as Magnet Copilot built-in, your investigation can adapt to meet any digital forensics challenge.