Leveraging the Apple ESF for Behavioral Detections

Explore the evolution of malicious activity detection on macOS in this 37-minute Black Hat conference talk. Delve into the Apple Endpoint Security Framework (ESF), introduced in macOS Catalina in 2019, and its role in fueling behavioral-based detections. Compare and contrast old and new detection methods, understanding their continued relevance in today's cybersecurity landscape. Learn how to effectively utilize ESF data, both in its basic form and as a pivot point for more sophisticated detection techniques. Gain insights from presenters Jaron Bradley and Matt Benyo as they break down the practical applications of ESF in enhancing macOS security.

Leveraging the Apple ESF for Behavioral Detections