Magnet AXIOM
What is Magnet AXIOM?
Magnet AXIOMA commercial DFIR platform from Magnet Forensics that ingests disks, mobile and cloud sources, parses artifacts and presents them in a unified review interface.
Magnet AXIOM is a flagship product of Canadian vendor Magnet Forensics. It is split into AXIOM Process, which acquires and parses evidence from Windows, macOS, Linux, iOS, Android, cloud accounts (Google, Microsoft 365, social media) and IoT, and AXIOM Examine, where analysts review artifacts, build timelines, run keyword searches and produce reports. AXIOM ingests E01, dd, KAPE output and native targeted collections; it parses chat apps, browser history, cloud sync logs, SQLite databases and OS artefacts. The platform supports collaborative cases, machine-learning-based picture categorization (notably for CSAM triage) and is widely used by law enforcement and corporate investigators.
● Examples
- 01
Loading a KAPE triage collection into AXIOM Process to build a unified timeline for an intrusion case.
- 02
Using AXIOM Cloud with a valid token to acquire Microsoft 365 mailbox and OneDrive data.
● Frequently asked questions
What is Magnet AXIOM?
A commercial DFIR platform from Magnet Forensics that ingests disks, mobile and cloud sources, parses artifacts and presents them in a unified review interface. It belongs to the Forensics & IR category of cybersecurity.
What does Magnet AXIOM mean?
A commercial DFIR platform from Magnet Forensics that ingests disks, mobile and cloud sources, parses artifacts and presents them in a unified review interface.
How does Magnet AXIOM work?
Magnet AXIOM is a flagship product of Canadian vendor Magnet Forensics. It is split into AXIOM Process, which acquires and parses evidence from Windows, macOS, Linux, iOS, Android, cloud accounts (Google, Microsoft 365, social media) and IoT, and AXIOM Examine, where analysts review artifacts, build timelines, run keyword searches and produce reports. AXIOM ingests E01, dd, KAPE output and native targeted collections; it parses chat apps, browser history, cloud sync logs, SQLite databases and OS artefacts. The platform supports collaborative cases, machine-learning-based picture categorization (notably for CSAM triage) and is widely used by law enforcement and corporate investigators.
How do you defend against Magnet AXIOM?
Defences for Magnet AXIOM typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Magnet AXIOM?
Common alternative names include: AXIOM, Magnet Forensics AXIOM.
● Related terms
- forensics-ir№ 153
Cellebrite UFED
A family of mobile-forensics products from Israeli vendor Cellebrite that extract, decode and analyze data from smartphones, drones, SIMs and other devices.
- forensics-ir№ 450
GrayKey
A dedicated hardware-and-software appliance from Grayshift (now Magnet Forensics) used by law enforcement to unlock and extract data from locked iOS and Android devices.
- forensics-ir№ 578
KAPE (Kroll Artifact Parser and Extractor)
A Windows triage tool from Kroll that collects forensic artifacts from live systems or images and then runs parser modules to produce ready-to-review output.
- forensics-ir№ 388
Eric Zimmerman's EZ Tools
A free suite of Windows DFIR command-line and GUI tools by Eric Zimmerman for parsing common forensic artifacts and building timelines.
- forensics-ir№ 366
E01 (EnCase Evidence) Image Format
A forensic disk image format originally introduced by Guidance Software for EnCase, storing acquired data in compressed, segmented files with embedded metadata and checksums.
- forensics-ir№ 1156
Timeline Analysis
A forensic technique that reconstructs the chronological sequence of events on a system by correlating timestamps from files, logs, and other artifacts.