When it comes to cyber crime, an adversary's end goal is to discreetly run a profitable campaign and walk away scot-free. History tells us that they tend to narrow in on the largest audience available in an effort to increase the odds of finding a vulnerable target, and causing widespread pain. While this has historically made Windows machines a more susceptible group, attacks on macOS have been on an increase.
This is likely because macOS adoption in the enterprise is growing quickly, and the departments or user groups of Macs are often mission/business critical users with access to sensitive information (developers & engineers, executives, etc). Rather than suggesting that Macs are more secure, a more accurate statement might be “relative to other systems, macOS used to be less targeted".
Today, security and IT administrators are responsible for keeping a tight security posture for these Mac workstations, however the majority of legacy security vendors are focused on Windows. Enter osquery.
Osquery was built with macOS (and Linux) in mind. While it isn’t the only tool that can provide visibility into system and state data, osquery also supports containers and Windows, making it an ideal tool for organizations with diverse server and workstation environments.
Pat Haley, our Principal Sales Engineer, will use this video to review 8 macOS security best practices that can be implemented today regardless of if you are a hobbyist or a professional. As a follow up, you’ll learn how osquery can help get visibility into these recommended security controls.
After this video's brief introduction, you can dig deeper into osquery and its macOS functionality in these related pieces:
If you’re interested in exploring more about macOS security best practices and how osquery can serve as a way to manage and get visibility into these controls, sign up for our on-demand webinar.