redcanary.com
104.198.136.223  Public Scan

Submitted URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGLCsNnECNsmAQNPK2LT2fo4tpzWkX_f0zcGPXHKvXRa2lXHZMSbcJGmHcQhR7KP7CaZzksJc0=
Effective URL: https://redcanary.com/resources/webinars/redroc-uncaged-macos-telemetry/?utm_source=invite&utm_medium=email&utm_campai...
Submission: On April 11 via api from US — Scanned from DE

Form analysis 3 forms found in the DOM

<form id="mktoForm_3008" __bizdiag="196411175" __biza="WJ__" novalidate="novalidate" class="mktoForm mktoHasWidth mktoLayoutLeft" style="font-family: inherit; font-size: 13px; color: rgb(51, 51, 51); width: 851px;">
  <style type="text/css"></style>
  <div class="mktoTemplateBox">Welcome back, Matt Shivers<br><br><span class="mktoButtonWrap mktoNative"><button type="submit" class="mktoButton">Register Now</button></span><br><br><a class="mktoNotYou">Not you?</a></div><input type="hidden"
    name="formid" class="mktoField mktoFieldDescriptor" value="3008"><input type="hidden" name="munchkinId" class="mktoField mktoFieldDescriptor" value="003-YRU-314"><input type="hidden" name="mktoUTMSource" class="mktoField mktoFieldDescriptor"
    value="invite"><input type="hidden" name="mktoUTMMedium" class="mktoField mktoFieldDescriptor" value="email"><input type="hidden" name="mktoUTMCampaign" class="mktoField mktoFieldDescriptor" value="redroc-webinar"><input type="hidden"
    name="GCLID__c" class="mktoField mktoFieldDescriptor" value="">
</form>

GET https://redcanary.com/

<form method="get" class="search-form" action="https://redcanary.com/" __bizdiag="115" __biza="WJ__"> <svg width="20" height="19" viewBox="0 0 20 19" fill="none" xmlns="http://www.w3.org/2000/svg">
    <line x1="12.8839" y1="12.1161" x2="18.8839" y2="18.1161" stroke="black" stroke-width="2.5"></line>
    <circle cx="7.5" cy="7.5" r="6.25" stroke="black" stroke-width="2.5"></circle>
  </svg> <input id="input-search" class="search-input" name="s" type="text" placeholder="Search" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false"> <input type="submit" class="search-btn" value="Search"></form>

<form __bizdiag="-1927021094" __biza="WJ__" novalidate="novalidate" class="mktoForm mktoHasWidth mktoLayoutLeft"
  style="font-family: inherit; font-size: 13px; color: rgb(51, 51, 51); visibility: hidden; position: absolute; top: -500px; left: -1000px; width: 1600px;"></form>

Text Content

APRIL 19, 2023 • RESOURCES • UPCOMING WEBINARS



RED CANARY MAC MONITOR: A NEW, FREE TOOL FOR GATHERING MACOS TELEMETRY

The free-to-use software is intended to help researchers monitor and analyze
macOS system events, much like ProcMon for Windows systems.


Wed., April 19, 2023

3pm ET (45 mins)

Virtual


Visibility is hard to come by on macOS systems. While there’s a wealth of
readily available tools that security teams and researchers can use to gather
telemetry from Windows systems, there’s a dearth of such tools available for
macOS. Organizations seeking better optics from their Apple devices have either
had to combine many very specialized tools or pay for a macOS-focused EDR
sensor. The resultant lack of visibility into macOS has an obvious consequence:
there is a deep knowledge gap about macOS threats and corresponding detection
and response strategies.

In this webinar, we’ll show you how we use the Red Canary Mac Monitor tool to
dig deep into macOS systems and improve our detection and response
capabilities—and how it helped us discover an exploitable Gatekeeper bypass
vulnerability in macOS. Attendees will leave this webinar with:

 * A better understanding of visibility limitations and possibilities in macOS
 * Strategies for leveraging visibility to expand macOS detection coverage
 * Additional knowledge about macOS’s Gatekeeper security feature, what it
   protects against, and how adversaries abuse it
 * Everything you need to know to download and install Red Canary Mac Monitor, a
   free tool for collecting telemetry from macOS systems



MEET THE SPEAKERS

 

BRANDON DALTON

SENIOR THREAT RESEARCHER

Brandon has worked across government, academia, and the private industry on
high-stakes research and software engineering projects. These experiences have
propelled him onto Red Canary’s Threat Research team, where he works closely
with industry partners to improve EDR telemetry resolution for macOS detections.
Brandon also leads several internal R&D projects to aid in these
objectives, predominantly in Swift and Python.
 

MATT GRAEBER

DIRECTOR, THREAT RESEARCH

Matt has worked the majority of his security career in offense, facilitating his
application of an attacker’s mindset to detection engineering. By pointing out
gaps in detection coverage, Matt is able to effectively offer actionable
detection improvement guidance. Matt loves to apply his reverse engineering
skills to understand attack techniques at a deeper level in order to understand
the workflow attackers use to evade security controls.
