Digita Security

Cybersecurity solutions for the modern, mobile, independent, innovative, enterprising macOS workforce

Professional Training Services

The leaders in macOS cybersecurity are excited to offer professional training services to the macOS professional community.

Our goal is to arm Mac Admins and security professionals with the knowledge and skills to effectively and efficiently detect, analyze, and respond to security incidents.

To inquire about pricing, further details, or to sign up for a course, please contact us.

Contact: training@digitasecurity.com


Mac Malware Detection & Analysis

Course Overview:

Apple’s desktop OS is now, more than ever, targeted by malware. In this content-packed 1-day course, the Mac security experts of Digita Security will teach exactly how to both uncover and analyze macOS malware.

Available Offerings:

"Objective by the Sea" Conference - May 31st, 2019

Suggested Prerequisites:
  • Basic understanding of malware
  • Basic understanding of reversing/tools
  • Basic understanding of programming topics

Required Setup:
  • MacBook
  • VMware Fusion (with Mojave VM)
  • Xcode (with command-line/developer tools)
  • Disassembler (IDA, Hopper, Ghidra, etc.)

Course Outline:
  • Part 0: Introduction: In the first part of the course, we’ll cover basic macOS malware and security concepts (such as common infection vectors, persistence, etc.).

  • Part 1: Dynamic Malware Analysis: Next, we’ll dive into dynamic malware analysis. Using real macOS malware specimens, we'll illustrate how to use analysis tools such as MonitorKit to passively observe malware’s actions. Digging further into MonitorKit (our free, open-source monitoring framework), we’ll walk through examples of leveraging the framework to quickly construct powerful monitoring utilities which can passively, yet comprehensively, observe malicious behaviors.

  • Part 2: Static Malware Analysis: Dynamic analysis is best complemented by static analysis. In this part of the training, we’ll cover using common static analysis tools to tear apart real-world Mac malware. Again, we'll utilize actual malware specimens to give a true hands-on experience.

  • Part 3: Detecting Malware With GamePlan: In the final part of the training, we'll walk through detecting advanced threats via GamePlan. Specifically, you’ll learn to write rules (predicates) to detect malicious behavior and exploits.