Presented at
Objective by the Sea version 1.0 (2018),
Nov. 3, 2018, 3:15 p.m.
(45 minutes)
It is well understood that traditional anti-virus products struggle to detect advanced Mac malware. To uncover such threats, clearly a behavior-based approach is needed.
We'll begin this talk, by discussing our open-source monitoring framework ('MonitorKit') which passively collects a myriad of system events.
But what good are a steady stream of events, if they cannot be intelligently and efficiently processed? Enter: Apple's built-in game engine. By means of this highly optimized logic engine, we can quickly and efficiently apply analytics against these collected events to detect both anomalous and malicious events!
End result? A comprehensive, extensible detection, response and threat hunting platform. To illustrate the real-world efficacy of this novel approach, we'll pit it against recent Mac malware, which honestly never stood a chance!
Presenters:
-
Jon Malm
- Co-founder and CTO of Digita Security
Jon is the co-founder and CTO of Digita Security where he architects enterprise security tools, designs scalable backend software stacks, and creates beautiful, yet practical user interfaces.
Jon is a passionate technologist with over 15 years of experience in malware analysis, reverse engineering, and product development. When his eyes are not glued to a screen, he is a family man, a runner, and can often be seen cheering on the Cyclones.
-
Joshua Stein
- Co-founder and CEO of Digita Security
Josh is the co-founder of Digita Security where he engineers enterprise security tools, while leading a team of passionate macOS security professionals.
His previous roles as a VP at IronNet Cybersecurity and developer at the NSA, have given him valuable insight into both offensive and defensive cyber-security operations. When he's not writing code or running a company, he's enjoys spending time with his family or catching the occasional football game at the horseshoe.
Links:
Similar Presentations: