Overview
Watch a 44-minute webinar exploring Red Canary's free tool for monitoring and analyzing macOS system events, designed as a macOS equivalent to Windows ProcMon. Learn about overcoming visibility challenges in macOS environments, where security teams traditionally face limited tooling options compared to Windows systems. Discover how to leverage this tool for enhanced detection and response capabilities, including a real-world example of uncovering a Gatekeeper bypass vulnerability. Gain practical knowledge about macOS visibility limitations, strategies for expanding detection coverage, insights into the Gatekeeper security feature and its vulnerabilities, and step-by-step guidance for implementing this free telemetry collection tool. Perfect for security researchers, IT professionals, and organizations seeking to improve their macOS security monitoring capabilities without investing in expensive EDR solutions.
Syllabus
Red Canary Mac Monitor: A new, free tool for gathering macOS telemetry
Taught by
Red Canary