A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Cleaning the Apple Orchard - Using Venator to Detect macOS Compromise - Richie Cyrus (BSidesCharm 2019) (Hacking Illustrated Series InfoSec Tutorial Videos)

Cleaning the Apple Orchard - Using Venator to Detect macOS Compromise

Richie Cyrus

BSidesCharm 2019
http://www.bsidescharm.com

Various solutions exist to detect malicious activity on macOS. However, they are not intended for enterprise use or involve installation of an agent. This session will introduce and demonstrate how to detect malicious macOS activity using the tool Venator. Venator is a python based macOS tool designed to provide defenders with the data to proactively identify malicious macOS activity at scale.

Richie Cyrus is a Senior Consultant at SpecterOps where he specializes in detection of advanced adversaries with a focus in MacOS and Linux environments. Richie has a background in incident response, forensics and security operations spanning across the Fortune 100 and the public sector. He currently maintains a DFIR focused blog at https://medium.com/securityneversleeps.

Back to BSidesCharm 2019 list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast