BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Nothing but Net: Leveraging macOS's Networking Frame
 works to\n   Heuristically Detect Malware\n   When: Friday\, Aug 11\, 16:3
 0 - 17:15 PDT\n   Where: Caesars Forum - Forum - 105\,135\,136 - Track 1 -
  [1]Map\n\n   SpeakerBio:Patrick Wardle \, Objective-See Foundation\n   Pa
 trick Wardle is the creator of the non-profit Objective-See\n   Foundation
 \, author of the “The Art of Mac Malware” book series\,\n   and founde
 r of the "Objective by the Sea" macOS Security conference.\n\n   Having wo
 rked at NASA and the NSA\, as well as presenting at countless\n   security
  conferences\, he is intimately familiar with aliens\, spies\,\n   and tal
 king nerdy.\n\n   Patrick is passionate about all things related to macOS 
 security and\n   thus spends his days finding Apple 0days\, analyzing macO
 S malware\, and\n   writing books and free open-source security tools to p
 rotect Mac\n   users.\n\n   Twitter: [2]@patrickwardle\n\n   Description:\
 n   As the majority of malware contains networking capabilities\, it is\n 
   well understood that detecting unauthorized network access is a\n   powe
 rful detection heuristic. However\, while the concepts of network\n   traf
 fic analysis and monitoring to detect malicious code are well\n   establis
 hed and widely implemented on platforms such as Windows\, there\n   remain
 s a dearth of such capabilities on macOS.\n\n   This talk aims to remedy t
 his situation by delving deeply into a\n   myriad of programmatic approach
 es capable of enumerating network\n   state\, statistics\, and traffic\, d
 irectly on a macOS host. We will\n   showcase open-source implementations 
 of relatively overlooked\n   low-level APIs\, private frameworks\, and use
 r-mode extensions that\n   provide insight into all networking activity. A
 nd\, by leveraging these\n   techniques\, you will learn how to efficientl
 y and generically detect\n   both known and unknown threats targeting macO
 S!\n\n   REFERENCES\n         - J. Levin [3]http://newosxbook.com/src.jl?t
 ree=listings&file=netbottom.c\n         - P. Wardle [4]https://objective-s
 ee.org/blog/blog_0x72.html\n         - Will Yu / Elastic [5]https://www.el
 astic.co/blog/mac-system-extensions-for-threat-detection-part-3\n\n   '\n\
 n   1. #CaesarsForumBR\n   2. https://twitter.com/patrickwardle\n   3. htt
 p://newosxbook.com/src.jl?tree=listings&file=netbottom.c\n   4. https://ob
 jective-see.org/blog/blog_0x72.html\n   5. https://www.elastic.co/blog/mac
 -system-extensions-for-threat-detection-part-3\n\n\n
DTEND:20230812T001500Z
DTSTART:20230811T233000Z
LOCATION:DC - Caesars Forum - Forum - 105\,135\,136 - Track 1
SUMMARY:Nothing but Net: Leveraging macOS's Networking Frameworks to Heuris
 tically Detect Malware
END:VEVENT
END:VCALENDAR
