Axiom Tips & Tricks Free Webinar19.08.20
Magnet Forensics - Axiom Tips & Tricks free webinar series
Magnet offer regular Free webinars to help you stay up to date with the developments of their software.
Learn more about regex in this week's Tips & Tricks webinar and make sure to save your spot for next week's webinar where we'll be demystifying Mac investigations!
Missed any of our previous webinars? Head over to our Resource Center to find recordings.
TIPS AND TRICKS // AXIOM ADVANCED SEARCHES/REGULAR EXPRESSIONS
Can regex (regular expressions) be scary? Absolutely! Do you need to be an absolute wizard to start using them? No way! Magnet AXIOM's advanced searches and columns allow forensic examiners to make use of regular expressions to help sort through their data with greater precision.
Join Mike Williamson for this Tips & Tricks session, where he makes the case for learning about regex, and provides several reusable pattern constructs you can begin using in your examinations immediately!
DEMYSTIFYING MAC INVESTIGATIONS: MAC VS. WINDOWS ARTIFACTS COMPARISON
Forensic Examiners today are faced with supporting an ever-growing range of evidence and investigation types. While dead-box Windows investigations dominated casework in the early years of digital forensics, examiners must now also consider a multitude of other devices and data sources, including smartphones, cloud apps and services, and a growing Mac population in both the private and public sectors—in many areas macOS endpoints are nearly as popular as Windows.
For examiners who don’t regularly work macOS investigations, it can be a challenging and frustrating experience—macOS forensics are in a constant state of flux, and examiners often encounter a steep learning curve when it’s time to analyze a Mac, with recent file system changes, Read-Only Volumes, and hardware-based encryption being a few of the notable obstacles examiners must overcome.
Join Trey Amick, Manager of Forensic Consultants at Magnet Forensics, as he compares the key artifacts utilized in the Windows and Mac operating systems to help you more confidently conduct Mac investigations, including:
File System: $UsnJrnl vs. File System Events (FSEvents)
User Accounts: Windows Registry vs. Mac user plist
Applications Usage: SCRUM vs. Network Application Usage
Windows UserAssist vs. Mac Recently Used Items
External media investigations across both platforms