Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore Apple's FSKit APIs for writing filesystems in userspace through this 19-minute conference talk that examines both the capabilities and security implications of this new technology. Begin with a brief history of userspace filesystems and understand why they belong outside the kernel, then dive deep into practical implementation by building a pseudo filesystem using FSKit. Learn how to leverage these filesystems for security applications, including creating honeypots and tripwires to detect infostealers and malware targeting macOS systems. Discover the dual nature of this technology by examining whether malware can exploit FSKit-based filesystems to evade detection mechanisms. Gain insights from a security-focused software engineer with extensive experience in macOS endpoint agents, and access comprehensive slides to reinforce the technical concepts covered in this Objective-See Foundation presentation.
