Agenda
- Introduction
Why macOS is no longer a low‑visibility platform for attackers.
- 25-minute Analyst Walkthrough:
A real macOS malware incident investigated by the SOC, from the H2 2025 Threat Findings Report, showing how the threat entered, executed, and was contained:
- Trojanised software and user-led execution.
- Abuse of trusted platforms and native macOS features.
- Where detection occurred and where human analysis was required.
- Detection & Response in Practice
- Lessons Learned: What to Apply in Your Environment
What you'll learn
- How modern macOS threats rely on technique and trust, not exploits.
- The common entry points attackers use on macOS today.
- What macOS malware looks like from a SOC analyst's perspective.
- Where endpoint tools detect activity and where context matters.
- How real-world macOS incidents are contained before business impact.
- Where user awareness makes the difference.
- Practical actions to reduce macOS risk across your environment.
Presenter
Robert Sterio
SOC Analyst
Robert is a Cyber Security Analyst at Cyberseer, specialising in the investigation and analysis of real‑world cyber threats. Working within Cyberseer’s Security Operations Centre, Robert focuses on identifying malicious behaviour, analysing attacker techniques, and translating complex security findings into actionable insight for security teams. His work contributes directly to Cyberseer’s threat research and customer protection, with a particular focus on early‑stage detection and behavioural‑based threat analysis.