What Happened?: Swiftly Investigating macOS Security Incidents with Aftermath | JNUC 2023

Check out the power of Aftermath, Jamf's Swift-based incident response tool, in a session led by security experts from Jamf and Huntress.

Embark on a journey with Stuart Ashenbrenner, Allen Golbig, and Matt Benyo as they unveil the potential of Aftermath, an open-source, Swift-based incident response tool by Jamf. In this session, explore how Aftermath synergizes with Jamf Pro and Jamf Protect, streamlining your incident response workflow against macOS security threats. Witness real-world attack scenarios demonstrating Aftermath’s prowess in extracting crucial data and indicators of compromise (IoCs) from compromised endpoints. Delve into its on-device analysis and chronological "storyline" features simplifying the path of discovering infection vectors and constructing a cause-and-effect chain. Don’t miss out on learning how Aftermath could become a cornerstone in your organization’s security toolkit, arming you with real-time forensic data during security incidents.