MacOS Threat Hunting Training

The Objective by the Sea 2023 training has officially sold out. If you would like to join the waitlist or are interested in a potential future remote training, please message jaron@themittenmac.com

Join us for The Mitten Mac Threat Hunting Training. The only course dedicated to teaching how to threat hunt macOS data at the endpoint level!

Whether you’re new to threat hunting or an experienced threat hunter, this three-day course offers an in-depth, hands-on experience for those looking to deep dive into using macOS internals to their advantage for threat hunting. Learn how to use the less commonly used artifacts to hunt down malicious activity in your environment.

This course uses simulated attack data collected with the Apple Endpoint Security API and teaches attendees how to connect the dots to determine what took place on the system.

Topics are discussed in presentation form and then applied via hands-on labs. Among the topics explored are:

  • Exploring the process tree and understanding process creation
  • Understanding the complications of XPC
  • Tracing the steps of real malware samples and determining the scope of the attack
  • Hunting using the lesser explored pid values
  • Hunting using macOS and Unix specific technologies
  • …And much more

Attendees will walk away with a solid understanding of the system internals knowledge required for threat hunting on macOS as well as a new set of investigation skills.

Location : 

When :
  • October 9th-11th
Price :
  • $1500 USD
  • Conference ticket must be purchased separately!
Prerequisites
  • You have a laptop capable of searching keywords within large amounts of text data (Learn how to use grep!)
  • You have a basic understanding of how to operate a Mac
  • You understand the general concept of how computers work and what a process is
  • General understanding of one of the following topics
    • threat hunting
    • forensics
    • incident response
    • computer science
Cancellation Policy
  • Full refund (minus transaction fees) if cancelled before 9/1/23
  • Half refund after 9/1/23 (minus transaction fees)
  • Note: Payments are handled through Stripe and reimbursements will not include the transaction fees that Stripe may charge

Further Questions:

  • jaron@themittenmac.com