Comparing apples to Apple
Speakers
About this talk
Adam Mathis (@ch41_) Many defenders have hard fought experience finding evil on Windows systems, but stare blankly when handed a Mac. You know all the ways PowerShell can own a box, but how about AppleScript? You know all the Run keys by heart, but where would you find rogue kernel extensions? This practical talk will give defenders a primer in finding adversarial activity on macOS using the TTPs they know and love from other platforms as a reference point.
Related talks
41:33Stop Writing Malware! The Blue Team Has Done It for You
BSides Augusta · 2022
51:33Jake Williams - Linux privilege escalation for fun profit and all around mischief
BSides Augusta · 2016
59:06Paul Melson - How To Write Good YARA Rules
BSides Augusta
25:38Matthew Deluca - Race Against the Machine: Rapid Exploit Development via LLMs
BSides Augusta
45:17Enterprise Security Monitoring: Comprehensive Intel-Driven Detection
BSides Augusta · 2013
48:00Machine Learning Fueled Cyber Threat Hunting
BSides Augusta · 2017