YoVDO

Incident Response on macOS - Thomas Reed

Offered By: YouTube

Tags

DerbyCon Courses Data Analysis Courses Malware Analysis Courses Incident Response Courses Data Collection Courses macOS Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore incident response techniques for macOS in this 51-minute conference talk from Derbycon 2019. Delve into data collection methods, including PICT data collection and basic_info.txt. Learn about analyzing persistence mechanisms, browser histories, install history, and process information. Examine suspicious behavior through detailed walkthroughs and timelines of real-world malware examples such as Wirenet, Mokes, BirdMiner, and FruitFly. Gain valuable insights into detecting and responding to security incidents on Apple's operating system.

Syllabus

Intro
What are we talking about?
How do we collect IR data?
PICT data collection
basic_info.txt
Persistence
Browser histories
Install history
Process info
Suspicious behavior
Wirenet walkthrough
Wirenet timeline
Mokes walkthrough
Mokes timeline
BirdMiner walkthrough
BirdMiner timeline
FruitFly walkthrough
FruitFly timeline


Related Courses

Information Security Management in a Nutshell
SAP Learning Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Enterprise Security Fundamentals
Microsoft via edX Planning a Security Incident Response
Microsoft via edX Introduction to Cybersecurity
Udacity