Learn to build effective macOS threat detection systems through this 26-minute conference talk that focuses on practical, deployable security detections. Explore a curated collection of detection methods that balance simplicity with effectiveness, designed to be lightweight enough for organizations with basic EDR and SIEM setups while remaining powerful enough to identify genuine threats. Discover real-world examples that have successfully detected malware, advanced persistent threat (APT) activity, and post-exploitation behavior in production environments. Gain insights from practical case studies and the threat stories these detections have uncovered, presented by Jaron Bradley, Directory of Threat Labs at Jamf Software, who specializes in researching innovative approaches to detecting malicious activity on macOS systems.