A brand-new free tool for your toolkit, Magnet RESPONSE for incident response investigations!
Magnet RESPONSE is a free and easy-to-use solution to quickly collect and preserve data from local endpoints before it is potentially modified or lost. A pre-set collection profile lets you target a comprehensive set of files and data relevant to incident response investigations, including RAM.
Collect a Comprehensive Set of Data Relevant to IR Investigations With One Tool and One Click
With Magnet RESPONSE, you’ll no longer need to use multiple tools or modules to collect a comprehensive set of data and files related to IR investigations.
Also, minimal to no training is required—it’s as simple as running it on the endpoint, configuring the collection and clicking “start capture.”
This makes Magnet RESPONSE useful in situations where non-technical users may need to collect and preserve data on behalf of law enforcement investigators as part of a cyber incident investigation.
Magnet RESPONSE: What does it do?
Magnet RESPONSE is a free and easy-to-use solution to quickly collect and preserve data from local endpoints before it is potentially modified or lost. A pre-set collection profile gives you the ability to target a comprehensive set of files and data relevant to incident response investigations, including RAM.
Minimal to no training is required—it’s as simple as running it on the endpoint, configuring the collection and clicking “start capture.” This makes Magnet RESPONSE useful in situations where non-technical users may need to collect and preserve data on behalf of law enforcement investigators as part of a cyber incident investigation.
Key Benefits & Features
Easy-To-Use: A guided two-step process and progress bar is straightforward for even non-technical users to use
Fast & Comprehensive: Collect and preserve data starting with the most volatile using the built-in Comae RAM capture (MAGNET DumpIt) functionality, and volatile data and files commonly associated to cybercrime, such as Windows Event Logs, Registry Hives, Jumplist files, and many other log files in minutes – no need for multiple tools to get the IR data you need
Portable: It is compromised of a single executable file (less than 1MB), is easily downloaded, and can be stored and run from a USB key
Collect by Keyword & Skip Large Files: configure free-form collections using your own set of keywords (or the defaults provided), with the option to limit the size of files collected to maintain speed
Consolidated Output: Output is consolidated and saved as a .zip file for easy delivery or processing and analysis in Magnet AXIOM & Magnet AXIOM Cyber
Data Integrity: An embedded hash value is provided to verify the integrity of the data