YouTube

Introducing the Next Generation of Mac Monitor

Objective-See Foundation via YouTube

Overview

Explore the evolution of Mac Monitor, an open-source macOS security monitoring tool built on Apple's Endpoint Security APIs. Learn how this "ProcMon for macOS" has advanced since its 2023 release, featuring major telemetry updates standardized to Apple's ESLogger, new event types, enhanced integrations, and improved correlation capabilities. Discover how to operationalize the Endpoint Security event stream for threat detection and analysis, while examining new features that enable analysts to trace specific system activity with greater precision. Gain insights into dynamic event subscriptions, filtering mechanisms, path muting, and enrichment techniques that help security professionals prototype detection ideas and analyze system behavior. Understand the technical implementation of this SwiftUI application that democratizes access to Apple's standardized security events, covering everything from atomic system calls like fork and exec to composite events such as tcc_modify.

Syllabus

#OBTS v8.0: “Introducing the Next Generation of Mac Monitor” - Brandon Dalton

Taught by

Objective-See Foundation
