The latest release of AXIOM includes G Suite Admin Support, iOS Screen Time and other additional performance improvements.
AXIOM Cloud – Recover Evidence with Administrator Credentials
- G Suite Admin Support
User credentials are no longer necessary when conducting a G Suite investigation. Instead, you can utilize administrator credentials to access corporate Gmail and Google Drive accounts. Additionally, AXIOM Cloud collects audit logs for Google Drive accounts, giving you the opportunity to verify when users were logged-in and to review Google Drive activity.
Artifacts: Screen Time, KnowledgeC, and USB Devices
- Screen Time — This new artifact, found in iOS 12, allows you to recover application usage data — showing which applications a suspect was using.
- KnowledgeC — Provides app and device usage statistics such as device lock stats, apps that were in foreground, device plug-in/charge state, screen on/off, etc.
These are artifacts available for GrayKey acquisitions, or acquisitions from jailbroken devices.
- Windows 10
- USB Devices –more support added for recovering data about connected USB devices. In the latest Windows 10 builds, large capacity USB devices are stored in a different registry location and AXIOM now recovers information about these connected USB devices.
Performance, Performance, Performance!
- Project VIC
- Project VIC JSON exports are now 2.5x faster than they were before.
- Video Deduplication
- Now when AXIOM 2.8 detects a valid video file, it will parse the content to recover and artifact and skip carving that same file.
- With Axiom 2.8 it’s easier to sort and filter on artifact data within Thumbnail view. Now, you can sort or filter on specific artifact attributes to view data chronologically.
- Method of Artifact Recovery
- AXIOM 2.8 now shows if evidence was parsed or carved. Meaning that you can now filter out parsed or carved evidence — helping deduplicate the number of artifacts that you need to review.
New and Updated Artifacts
New and updated artifacts included in AXIOM 2.8:
- New in Windows
- Your Phone (SMS & Photo Sync on Windows 10)
- Windows 10 Large Capacity USB Devices
- New in iOS
- iOS 12 Screen Time
- New in Android
- Bluetooth Devices
- Application Activity
- Contacts (Android)
- SMS/MMS (Android)
- KakaoTalk (Android)
- Gmail (Windows)
- Skype (all platforms)
- iMessage/SMS/MMS (iOS)
- iOS Call Logs (iOS)
- Chrome History (Win/Mac)
- Chrome Cache (iOS)
- WhatsApp Groups (Android)
- Encrypted Files