Red Canary Mac Monitor: A New, Free Tool for Gathering macOS Telemetry


  • Red Canary

About This Webinar

Visibility is hard to come by on macOS systems. While there’s a wealth of readily available tools that security teams and researchers can use to gather telemetry from Windows systems, there’s a dearth of such tools available for macOS. Organizations seeking better optics from their Apple devices have either had to combine many very specialized tools or pay for a macOS-focused EDR sensor. The resultant lack of visibility into macOS has an obvious consequence: there is a deep knowledge gap about macOS threats and corresponding detection and response strategies.

In this webinar, we’ll show you how we use the Red Canary Mac Monitor tool to dig deep into macOS systems and improve our detection and response capabilities—and how it helped us discover an exploitable Gatekeeper bypass vulnerability in macOS.

  1. Host: Jess Steinbach, Webinar Moderator, ActualTech Media
  2. Featuring: Matt Graeber, Director, Threat Research, Red Canary
  3. Featuring: Brandon Dalton, Senior Threat Researcher, Red Canary
  4. Featuring: Cori Smith, Threat Hunter, Red Canary

What You'll Learn

  1. A better understanding of visibility limitations and possibilities in macOS
  2. Strategies for leveraging visibility to expand macOS detection coverage
  3. Additional knowledge about macOS’s Gatekeeper security feature, what it protects against, and how adversaries abuse it
  4. Everything you need to know to download and install Red Canary Mac Monitor, a free tool for collecting telemetry from macOS systems