The other day I sat down with the guys at Magnet to take a look through some of the new features in the latest update of AXIOM, and how it compares both to previous updates and to their IEF tool.
This review will focus on AXIOM 2.5. The current version at the time of writing is 2.6; with new versions coming out every month, it’s worth keeping an eye on the new features in each release. One of the main ideas behind version 2.5 was to focus heavily on improving speed performance.
IEF has a similar workflow to AXIOM’s, but it is just an artifacts tool, whereas AXIOM is a full forensics tool. In IEF you choose your evidence sources, fill in the case details and hit ‘Find Evidence’. It will then process your evidence and give you a report on the artifacts. The point of IEF is to have everything in front of you in a format that is easy to analyse, making it simpler to find the most important things and deal with those as a priority.
One big difference between IEF and AXIOM is that AXIOM performs acquisitions, whereas IEF will just load sources that have already been acquired.