About This Webinar
Visibility is hard to come by on macOS systems. While there’s a wealth of readily available tools that security teams and researchers can use to gather telemetry from Windows systems, there’s a dearth of such tools available for macOS. Organizations seeking better optics from their Apple devices have either had to combine many very specialized tools or pay for a macOS-focused EDR sensor. The resultant lack of visibility into macOS has an obvious consequence: there is a deep knowledge gap about macOS threats and corresponding detection and response strategies.
In this webinar, we’ll show you how we use the Red Canary Mac Monitor tool to dig deep into macOS systems and improve our detection and response capabilities—and how it helped us discover an exploitable Gatekeeper bypass vulnerability in macOS.
Host: Jess Steinbach, Webinar Moderator, ActualTech Media
Featuring: Matt Graeber, Director, Threat Research, Red Canary
Featuring: Brandon Dalton, Senior Threat Researcher, Red Canary
Featuring: Cori Smith, Threat Hunter, Red Canary
What You'll Learn
- A better understanding of visibility limitations and possibilities in macOS
- Strategies for leveraging visibility to expand macOS detection coverage
- Additional knowledge about macOS’s Gatekeeper security feature, what it protects against, and how adversaries abuse it
- Everything you need to know to download and install Red Canary Mac Monitor, a free tool for collecting telemetry from macOS systems