MacAdmins is the premier East Coast conference for anyone who deploys and manages Macs and iOS devices. We are featuring 69 sessions and seven workshops with top-notch speakers in the macOS and iOS deployment community. MacAdmins offers an incredible level of expertise, value, entertainment, and a great opportunity to network with your fellow admins! Visit our website.
In this talk, we share the experience of the Threat Intelligence team at Uptycs, a SaaS EDR solution provider for Mac OS X and Linux cloud workloads based on osquery, in effectively hunting for threats on the Mac OS X platform. We describe an innovative approach that uses the advanced system monitoring capabilities of osquery, instead of an instrumented virtualization environment, for analysis and hunting.