[Infographic] macOS Native Security Configurations and osquery

Posted by Harry Hayward on 9/17/19 8:41 AM

Be it for macOS or my dog eating out of the trash, there is no such thing as a bullet-proof security policy. It’s all about creating a threshold of standards- something to work off of while simultaneously reducing overall risk (you know, like storing your trash can on the counter, for example).

Read More

Topics: osquery, macOS, mac edr, open-source, asset inventory, security hygiene

Threat Hunting with Osquery: 5 macOS Malware Techniques & How to Find Them

Posted by Amit Malik on 5/2/19 9:40 AM

This previous blog post explored ways to use osquery for macOS malware analysis. Using the same methodology introduced there, we analyzed five additional macOS malware variants and recorded their behavior to understand the techniques they used. Below, you’ll find the techniques used by Calisto, Dummy, HiddenLotus, LamePyre and WireLurker. Read on to explore how to translate the techniques used by these malware into queries you can run to hunt for the active presence or historical artifacts using osquery.

Read More

Topics: osquery, macOS, malware, mac edr, open-source, incident investigation

Is your Mac fleet secure? Tackling the myth of inherent mac security

Posted by Matt Hathaway on 4/19/18 3:38 PM

There’s a dangerous myth among some Mac users that, unlike Windows, the platform is impervious to malware. Since nothing is bulletproof, it would be dangerous to assume Mac fleet security, so let’s recognize why Macs have historically been low risk and why that looks to be changing.

Read More

Topics: macOS, mac edr

Uptycs Blog | Cloud Security Trends and Analysis

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you'll enjoy our blog enough to subscribe, share and comment.

Subscribe for New Posts

Find Uptycs Everywhere

Recommended Reads