#OBTS
Автор: Objective-See Foundation
Загружено: 2025-10-31
Просмотров: 111
Slides: https://objectivebythesea.org/v8/talk...
Talk Description:
In 'BYOB: Containerized Evasion on macOS', we dive into how adversaries can leverage both third-party container platforms (e.g., Docker) and, soon, Apple's upcoming native Linux container support in macOS 26 Tahoe to evade standard telemetry, such as ESF and non-native defenses like EDR. We’ll trace the historical context of macOS containerization, demystify Apple's Hypervisor and Container Frameworks, and demonstrate containers’ stealth capabilities through an attack scenario. Finally, we’ll share a defense-in-depth playbook, offering container-aware detection strategies suitable for integration with SIEM and EDR platforms. Attendees will leave equipped with practical insights and tools to detect, investigate, and counter containerized attacks on macOS.
Speaker's Bio:
👤 Colson Wilhoit is a Senior Security Research Engineer at Elastic on the Threat Research and Detection Engineering Team which is responsible for conducting front-line threat research across all platforms working to develop signatures and resilient, behavioral based detections for both the endpoint and SIEM.
https://x.com/defsecsentinel
Support the Objective-See Foundation:
https://www.objective-see.org/
https://x.com/objective_see/
/ objective-see
Доступные форматы для скачивания:
Скачать видео mp4
-
Информация по загрузке:
