Now more than ever, critical digital evidence resides beyond physical devices. Investigators need time-sensitive data from public or private user profiles hosted in cloud-based applications, services and web pages to solve cases, but find they are often frustratingly out of reach. Service providers often delay meeting subpoena demands for private information after a warrant is obtained, and manually scouring public data from social media, web pages and other cloud-hosted applications takes precious time investigators simply don’t have. Plus, analyzing such a huge volume of information from multiple sources can be a daunting task and found evidence may not even be admissible in court.
Access the details you need to discover relevant evidence and find new investigative paths within pre-approved legal boundaries. UFED Cloud Analyzer allows you to extract, preserve and analyze public domain and private social media data, instant messaging, file storage, web pages and other cloud-based content using a forensically sound process. Easily search, filter and sort data to quickly identify suspects, victims, locations and more
Capabilities & Benefits
Fulfill requests for cloud-based private data pursuant due process
Gather private user data with appropriate legal authority from over 50 of the most popular social media and cloud-based sources. Use login credentials provided by the subject, extracted from digital devices or PCs, retrieved from personal files or via other discovery means to gain access to time sensitive evidence. See full list of cloud sources here.
Capture and review public data
Easily access, view and incorporate publicly available data into your investigations, such as location information, profiles, images, files and social communications from popular apps, including Facebook, Twitter and Instagram.
Visualize data in a unified format
Normalize different cloud data sources in a unified view to analyze by Timeline, File Thumbnails, Contacts or Maps formats. Search, filter and sort available data across platforms.
Accelerate data collection from web pages
Acquire digital evidence from HTML-based web pages using an automated process to generate new leads and quickly corroborate statements and findings. Search, capture and forensically preserve web-based content in minutes and create powerful visual reports with captured screen shots and comments that can be easily explained to colleagues and juries.
Search their searches
Gain insights into the subject’s intentions and interests by pulling out the history of text searches, visited pages, voice search recordings and translations from Google web history and viewing text searches conducted with Chrome and Safari on iOS devices backed-up iCloud.
Explore location history
Extract detailed location information from a suspect or victim’s private Google Location History, so investigators can track time-stamped movements minute by minute.
Collaborate and integrate data
Share critical evidence with team members by easily generating reports and exporting data into Cellebrite’s Analytics Series or other advanced analytical tools for additional insights.
Track online behavior
Analyze posts, likes, events and connections to better understand a suspect or victim’s interests, relationships, opinions and daily activities.
What is F-Response?
F-Response is an easy to use, vendor neutral, patented software utility that enables an investigator to conduct live Forensics, Data Recovery, and eDiscovery over an IP network using their tool(s) of choice. F-Response is not another analysis tool. F-Response is a utility that allows you to make better use of the tools and training that you already have.
F-Response software uses a patented process to provide read-only access to full physical disk(s), physical memory (RAM), 3rd party Cloud, Email and Database storage. Designed to be completely vendor neutral, if your analysis software reads a hard drive or network share, it will work with F-Response.
Unleash your existing tools and training.
Extend Your Arsenal with F-Response.
WHAT IS XRY CLOUD?
XRY Cloud recovers data beyond the mobile device itself from connected cloud based storage by using the tokens on mobile devices that enable apps to function without the need for users to re-enter their login details. This is particularly useful when looking for online social media data and app-based information for services such as Facebook, Google, iCloud, Twitter, Snapchat, WhatsApp, Instagram and more.
You can use XRY Cloud both with the actual device in your possession and without. XRY Cloud is a separate component within the XRY software. XRY Cloud can be used as a standalone product or as part of a suite of tools within the wider MSAB Ecosystem.
RECOVER EVEN MORE DATA
Recover more data beyond the device, from connected cloud storage solutions. Access services such as Facebook, Google, iCloud, Twitter and Snapchat.
For Android devices, XRY can decode file metadata even though the actual file data is not present on a device. This includes apps like Dropbox, Google Drive and previously inserted SD cards. This can point investigators to new potential sources of evidence accessible with XRY Cloud.
Based on app tokens that were recovered during a standard smartphone extraction with XRY, the user can then recover cloud data. Additionally, XRY Cloud will also show the authorized examiner recovered elements that can be used to locate data online. Assuming Internet connectivity is enabled, then all the user has to do is simply select and click to recover the cloud-based data via XRY.
XRY Cloud allows investigators to recover cloud-based data without actual physical possession of the mobile device. Users will be able to select supported apps within XRY and attempt to recover data. All the cloud data can be combined into an XRY Case File to ensure all the data is stored in one place.
RECOVER AND ANALYZE DATA FROM THE CLOUD
As device encryption becomes more powerful, examiners need to rely on device back-ups, chat history, and account information stored in the cloud.
Retrieve data from services including Facebook, Office 365, Google apps, iCloud, Instagram, Twitter, YouTube, Dropbox, Box, Outlook and more.Try MAGNET AXIOM Cloud today!
FIND MORE CLOUD EVIDENCE
Cloud data contains everything from chat history and pictures, to PDF documents and Excel spreadsheets.
MAGNET AXIOM is the only solution that leverages both computer and mobile artifacts when reviewing cloud data. This unique capability enables examiners to find more cloud evidence than other cloud forensics solutions.
Visualize connections between cloud services, devices and files
Connections lets examiners discover how cloud data is related to computer or smartphone data and learns all the locations that a file exists. Connections also identifies social media contacts and how they are connected to suspects.
INVESTIGATING THE CORPORATE CLOUD
The enterprise has fully embraced the cloud.
MAGNET AXIOM Cloud lets investigators access Office 365 accounts with administrator credentials and selectively acquire evidence. AXIOM Cloud preserves valuable metadata and recovers audit logs.
ACCESS CLOUD ACCOUNTS WITHOUT A PASSWORD
MAGNET AXIOM Cloud extracts and ingests third-party tokens and keychains from mobile devices, allowing investigators to access cloud and social media accounts without requiring a password.
AXIOM HELPS EACH STEP OF AN INVESTIGATION
Retrieve data from services including Facebook, Office 365, Google apps, iCloud, Instagram, Twitter, YouTube, Dropbox, Box, Outlook and more.
Artifacts hold the most relevant digital evidence. Process and recover 1,000+ artifacts.
Increased data volume makes analysis time-consuming. Find critical evidence faster with multiple filters, viewers, and features like Case Dashboard, Connections, and Magnet.AI.
Share results that are easily understood by teams at any level of technical ability.