The episode begins with the group discussing their time at RSA. Among the attendees of the largely attended conference were this podcast’s guests: Matt Woodruff, Lead Security Solutions Architect, Jaron Bradley, Senior Manager, macOS Detections and Matt Benyo, macOS Threat Researcher — all from Jamf. Co-host Sean Rabbitt, Senior Consulting Engineer, Identity, also attended.
Though some attendees historically associate Jamf with management rather than security, Woodruff mentions that many guests were excited about Jamf’s ability to provide Trusted Access, including with Okta, Google and SwiftConnect integrations. Jamf has the unique ability to secure devices alongside our management platform — along with knowing the compliance status of a device enrolled in MDM, our ZTNA capabilities enable Jamf solutions to protect on the network layer as well as on-device. This allows access to company resources to be restricted as soon as a device falls out of compliance, even if an individual SAML token is still valid.
The group then talks about the MITRE ATT&CK framework, and how it relates to an organization’s security strategy. Woodruff gave a booth presentation at RSA about using MITRE ATT&CK techniques and subtechniques to defend your devices, and how the strategies are different based on the platforms you are securing. Listen to the episode for more details!
macOS behavioral detections
Benyo and Bradley also gave a presentation about macOS behavioral detections using Apple’s endpoint security API. While there were a number of vendors at the RSA Conference talking about their API, this presentation provided a demo of the results obtained with the API. The group also mentions another demo of Jamf’s detection capabilities in a future presentation of the content in the blog “Evasive cryptojacking malware targeting macOS found lurking in pirated applications.”
Themes and takeaways
To conclude this segment of the episode, the group lists these themes and takeaways from the RSA Conference:
- Cloud access security brokers (CASB) under the umbrella of ZTNA are becoming more popular with vendors trying to sell their own unique solutions.
- Cloud security in general is increasing in popularity, especially related to implementation.
- API security is increasing in focus.
- AI is increasing in demand, though it should be used for giving tips/leads rather than leading your security initiative.
- While vendors at the conference are “competing,” they are all trying to solve the same problems and collaborate with each other.
- Jamf supports organizations where they are in their security journey.
Jamf Spring Event
In this segment, co-hosts Kat Garbis and Sean Rabbitt welcome Jen Kaplan, Senior Director of Product Marketing at Jamf to review the highlights of the Jamf Spring Event.
Jamf Safe Internet
Jamf Safe Internet received great adoption and reception since its launch. Kaplan notes that “technology is embedded in the student experience,” especially post-pandemic, and that schools strive to protect students from accessing unsafe content as a result. This is why Jamf Safe Internet is now available on Windows computers. We also added on-device web content filtering for Apple devices to increase performance and efficiency.
Jamf Connect and Okta integration
Jamf Connect allows organizations to simply provision accounts and keep passwords in sync with Okta credentials. Soon Jamf Pro will offer support for Platform SSO, streamlining Okta Verify and FastPass activation on a macOS device. Additionally, Jamf Pro now supports Enrollment SSO, further reducing password fatigue and the number of prompts required to sign in when enrolling into your MDM.
Lastly, Kaplan, Garbis and Rabbitt talk about how Jamf ensures device compliance. Organizations can enforce continuous conditional access that verifies device compliance continually, not just at sign on. With ZTNA, Jamf can shut down device access in real time if a threat is detected and can notify users their connection has been lost.
Visit the Jamf After Dark website to find a complete list of past episodes and subscribe to our RSS feed.
Have market trends, Apple updates and Jamf news delivered directly to your inbox.