We are happy to announce the release of Magnet AXIOM Cyber 7.6. This release introduces several new features and improvements to make your investigations even faster and easier, no matter what type of case you’re working on – from internal investigations and incident response to supporting eDiscovery:
Remote Endpoint File Listing
Microsoft 365 Client Credentials Authentication
Automatic Correction of GitHub YARA Links
You can upgrade to the latest version within AXIOM Cyber or over at the Magnet Forensics Customer Portal. Or, if you haven’t tried AXIOM Cyber yet, request a free trial here.
Remote Endpoint File Listing
When you’re faced with a security incident or supporting an internal investigation, you may need to quickly obtain a complete list of all of the files or folders currently on an endpoint or custodian’s machine. Magnet AXIOM Cyber can automatically (or manually) generate a comprehensive index of the files and folders currently on a remote endpoint – within a few minutes. Now, you can preserve that index and search it to help you during an investigation or for future reference.
In the context of eDiscovery, during Early Case Assessment (ECA), this feature can be used to quickly estimate collection and processing times by giving you a broad understanding of all files currently on a custodian’s machine. For internal investigations or incident response, the presence of a file (or several files) can be quickly validated and preserved before a full collection so that you can know exactly which end users require a complete collection and deep dive.
To learn more about this new feature and explore how it can help you in your investigations, check out the blog post: “Three Ways to Use Remote Endpoint File Lists to Streamline Your Investigations”.
Microsoft 365 Client Credentials Authentication
A new enhancement to our Microsoft 365 collection workflow allows you to authenticate and access data with client credentials. If your organization’s data access control policy prohibits the use of global admin accounts or an account’s username and password to authenticate and access data, upgrade now and use client credentials instead to meet your organization’s security, privacy, and compliance policies while collecting the comprehensive cloud data you need for your investigations.
Client credentials are configured in Azure and can be set up with read-only access with the option to choose what data can be accessed. You can also set client credentials to expire if governance rules require time-limited access to data. Learn how to set up client credentials in Azure in our knowledge base article “Sign in to Microsoft using Client Credentials” (Support Portal login required.)
Automatic Correction of GitHub YARA Links
For a smoother workflow while utilizing GitHub YARA rules repositories, AXIOM Cyber now automatically corrects any GitHub URLs to point to the valid Git repository.
For example, if you paste a folder URL (e.g., https://github.com/elastic/protections-artifacts/tree/main/yara) into AXIOM Cyber, it will be automatically corrected to the respective Git repository for you (e.g., https://github.com/elastic/protections-artifacts.)
This is an update to the previously released feature in AXIOM Cyber 7.5, “Adding and Updating YARA Rules From Git Repositories,” which lets you paste a YARA rules Git repository link into AXIOM Cyber to add all of the rules in that repository automatically.
New Artifacts
iOS Messages Preferences
Updated Artifacts
Facebook Contacts
Facebook Messenger
iOS Owner Information
Safari Downloads
Signal Messages
Signal Users
Snapchat Chat Messages
Tinder Accounts
Get Magnet AXIOM Cyber 7.6 Today!
If you already use AXIOM Cyber, download 7.6 at the Magnet Forensics Customer Portal. To try AXIOM Cyber for yourself, request a free trial today!