Jamf Blog
The Jamf After Dark title and logo, a microphone superimposed over a speech bubble, against a green background with office hardware
September 22, 2022 by Tim Herr

Jamf After Dark: macOS Threat Detection

Jamf detections developer Matt Benyo talks about the wild world of threat detection for macOS on this episode of the Jamf After Dark podcast.

Despite the misconception, still common in some circles, that "Macs don't get viruses" (and the reality that they do come equipped with very good built-in security), there is a hidden world of malware and exploits out there that specifically target macOS. In this episode of the Jamf After Dark podcast, hosts Kat Garbis, channel program manager, and Katie English, director of product strategy, have detections developer Matt Benyo on to chat about the world of "artisanal antivirus research" for the protection of macOS systems. Benyo recently co-delivered a presentation at the Black Hat conference, and he has two talks coming up at JNUC 2022. The three share some harrowing tales of compromised computers, and Benyo unleashes some great metaphors for understanding the often opaque security practices that he trades in.

Benyo was directed to listen to Black Hat presentations when he was learning the ropes, so getting to present was a big milestone for him. He says that while macOS security is still a bit of a niche topic in the wider cybersecurity world, the talk was well-attended and received with enthusiasm. One of his JNUC presentations will cover most of the same ground, while he also has a more beginner-oriented session on "The Anatomy of a Mac Attack."

Listen to the full episode for a lively and enlightening discussion of:

  • How, for security purposes, using a Mac is like living out in the country
  • How Gatekeeper works as a border guard or bouncer (and why someone needs to be looking over its shoulder)
  • What XProtect does and how its role is evolving
  • Bug bounties and whether malware creators care about most macOS exploits
  • The problem of balancing device security with a clean user experience
  • The often contentious relationships between security researchers and tech companies
  • Just in time for spooky season, scary stories of (potential) security breaches!
  • And what it's like to give coworkers in InfoSec high blood pressure

Visit the Jamf After Dark website to find a complete list of past episodes and subscribe to our RSS feed.

Photo of Tim Herr
Tim Herr
Jamf
Tim Herr is a copywriter focusing on channel and partner marketing initiatives. With a background in advertising and librarianship, he enjoys exploring the varied uses and social impact of Jamf solutions.
Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.