Continuous Monitoring on macOS
As a macOS admin of almost 10 years, I came out of the SANS SEC511 Continuous Monitoring course a JEALOUS individual. Where’s my first-party application whitelisting solution? Where are my in-depth system monitoring tools? SEC511 showed me just how vulnerable to attack my macOS fleet actually was, and I’ve been working furiously to fix it ever since. Apple has ceded many of these enterprise requirements to be solved by the Mac Admin community, third-party companies, and open source projects from the likes of Google and Facebook. In this talk, based on my Gold Paper in progress, I would like to explore the tools that can be leveraged on macOS to get a similar level of effective continuous monitoring.