Jamf Blog
September 22, 2022 by Tim Herr

Jamf After Dark: macOS Threat Detection

Jamf detections developer Matt Benyo talks about the wild world of threat detection for macOS on this episode of the Jamf After Dark podcast.

Despite the misconception, still common in some circles, that "Macs don't get viruses" (and the reality that they do come equipped with very good built-in security), there is a hidden world of malware and exploits out there that specifically target macOS. In this episode of the Jamf After Dark podcast, hosts Kat Garbis, channel program manager, and Katie English, director of product strategy, have detections developer Matt Benyo on to chat about the world of "artisanal antivirus research" for the protection of macOS systems. Benyo recently co-delivered a presentation at the Black Hat conference, and he has two talks coming up at JNUC 2022. The three share some harrowing tales of compromised computers, and Benyo unleashes some great metaphors for understanding the often opaque security practices that he trades in.

Benyo was directed to listen to Black Hat presentations when he was learning the ropes, so getting to present was a big milestone for him. He says that while macOS security is still a bit of a niche topic in the wider cybersecurity world, the talk was well attended and received with enthusiasm. One of his JNUC presentations will cover most of the same ground, while he also has a more beginner-oriented session on "The Anatomy of a Mac Attack."

Listen to the full episode for a lively and enlightening discussion of:

  • How, for security purposes, using a Mac is like living out in the country
  • How Gatekeeper works as a border guard or bouncer (and why someone needs to be looking over its shoulder)
  • What XProtect does and how its role is evolving
  • Bug bounties and whether malware creators care about most macOS exploits
  • The problem of balancing device security with a clean user experience
  • The often contentious relationships between security researchers and tech companies
  • Just in time for spooky season, scary stories of (potential) security breaches!
  • And what it's like to give coworkers in InfoSec high blood pressure

Visit the Jamf After Dark website to find a complete list of past episodes and subscribe to our RSS feed.

Tim Herr, Copywriter.