A Closer Look at MacOS Built-In Security Tools

The first line of defense for any user running macOS is the Apple suite of security tools.

Gatekeeper, XProtect, and MRT line up for Apple to help keep the users safe and secure when using their device.

In this talk, we will deep dive into the three primary built-in Apple security tools. We will discuss how they work, the technical pieces and processes behind it, how they help users, as well as their blindspots.

In macOS 12.3, we have seen the directory structure of XProtect and MRT change. We will further discuss what those changes are, and if they have any impact on how they currently operate.