Editor’s Note: This post was originally published in September 2022 and has been updated for accuracy and comprehensiveness.
Learn about simplifying digital forensics analysis workflows with an investigative intelligence platform that gives you one central area for reviewing mobile device data.

Digital Forensics Specialist
Grayshift
ArtifactIQ: The Investigative Intelligence Platform That Helps You Solve Cases Fast
Every investigator is faced with answering five key questions while working on a case: Who, What, Where, When, and Why? The answers to these questions help solve cases, and tools should be available for law enforcement that help them on their journey to justice.
ArtifactIQ by Grayshift is an investigative intelligence platform intended to help investigators answer these questions as quickly as possible. It’s easy to get lost in the weeds while sifting through extractions and artifacts. The Dashboard feature in ArtifactIQ provides investigators with immediate actionable intelligence that will lead you to additional extracted information. It serves as a central location that you can revert to in case you’re stuck, or to check on items of interest that are important to your case.
With ArtifactIQ you can:
- View information about the device owner, including phone numbers, email addresses, and social media accounts.
- View information about the device itself, such as the make and model, OS version, and IMEI.
- See the latest messages, most contacted parties, and most recent locations.
- Get a detailed view of any artifact, including the application source, when it was sent, and the status of the message.
- Tag artifacts as important for quick reference.
- Share extractions with other investigators in real time.
As a cloud-based solution, ArtifactIQ empowers investigators to collaborate efficiently and do what you do best: investigate and solve crimes.
How ArtifactIQ (and the Dashboard) Helps You Answer Five Key Questions
Who?
Investigators can use ArtifactIQ to identify the device owner by viewing information such as phone numbers, email addresses, and social media accounts from the Dashboard. This information can be used to help track down the owner and interview them about the case.
What?
Investigators can use ArtifactIQ to identify what happened by viewing information such as messages, calls, and locations. This information can be used to help reconstruct the events of the crime and identify the people involved.
Where?
Investigators can use ArtifactIQ to identify where a crime happened by viewing information such as locations. This information can be used to help identify the crime scene and identify witnesses.
When?
Investigators can use ArtifactIQ to identify when the crime happened by viewing timestamps on messages, calls, and locations. This information can be used to help narrow down the time frame of the crime and identify witnesses.
Why?
Investigators can use ArtifactIQ to identify why a crime happened by digging into messages, calls, and social media posts. This information can be used to help understand the motive for the crime and identify possible suspects.
Start Simplifying Your Digital Forensics Analysis Workflow
In addition to answering these questions, ArtifactIQ helps simplify your department’s current workflow by offering the ability to monitor your extractions, monitor names assigned to extractions, and monitor current progress percentage all from the comfort of the Dashboard. You can instantly begin collaborating with other investigators and other involved parties granted access to the Dashboard.
To learn more about simplifying your digital forensics analysis workflow download this infographic: Simplifying The Digital Forensics Analysis Workflow.
© 2023. Grayshift, LLC. All rights reserved. Proprietary and confidential.