MacOS security, hardening and forensics 101

ben-hughes
19 Oct 2017
10:25 - 12:25
CMD room

A lot of startups only have Apple laptops now, and beautiful though that chunk of aluminium is, it’s built on a sand castle of NextStep and BSD.

Macs are now the obvious target for a lot of organisations, and with every update to macOS you see a slew of CVEs ranging from kernel bugs to code execution in the Contacts application.

In this workshop, I plan to walk the class through a number of Mac tools, both for good and for less good, explain what is happening, and show how we can defend better against it.

On top of this, we will look at a number of forensic-like tools that show what kind of information you can get out of your Mac in the event of a suspected compromise.

Attendees should *ideally* have macOS Sierra or High Sierra. Running it as a VMware VM would be preferable, but there’s nothing destructive in the class. Having Homebrew (https://brew.sh/) installed would be helpful.

Class level: beginner, all are welcome. Command line knowledge and a basic understanding of macOS are all you need.