Mastering Apple Endpoint Security for Advanced macOS Malware Detection

Patrick Wardle

DEF CON 33 · Day 1 · Main Stage

Apple's Endpoint Security framework (ESF) is the official, Apple-sanctioned mechanism for building security products on macOS. It replaced the deprecated kext-based approach and is the foundation upon

AI review

The definitive reference on Apple ESF — auth/notify semantics, deadlock traps, muting abuse, and coverage gaps — from the person who has done more macOS security research than anyone else in the room.
