Episode 348: Stuart & Matt On Aftermath
Aftermath is a Swift-based, open-source incident response framework. We’re here with the main contributors to the project to talk about incident response, security life on macOS in late 2023, and using good tools to help make security better.
Hosts:
- Tom Bridge, Director of Product Management, Devices, JumpCloud – @tbridge@theinternet.social
- Charles Edge, CTO, Bootstrappers.mn – @cedge318
Guests:
- Stuart Ashenbrenner, macOS Security Researcher, Huntress – LinkedIn
- Matt Benyo, macOS Threat Researcher – LinkedIn
Links:
- Aftermath on GitHub: https://github.com/jamf/aftermath
- Jamf post about Aftermath: https://www.jamf.com/blog/aftermath-open-source-incident-response-tool/
- Jaron’s Book: https://www.amazon.com/OS-Incident-Response-Scripting-Analysis-ebook/dp/B01FHOHHVS
- Episode with Jaron from the Jamf Threat Labs Team: https://podcast.macadmins.org/2021/08/09/episode-228-supply-chain-attackery/
- https://xkcd.com/2867/
- Venator (now retired): https://github.com/richiercyrus/Venator
Sponsors:
Patreon Sponsors:
The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include Weldon Dodd, Damien Barrett, Justin Holt, Chad Swarthout, William Smith, Stephen Weinstein, Seb Nash, Dan McLaughlin, Joe Sfarra, Nate Cinal, Jon Brown, Dan Barker, Tim Perfitt, Ashley MacKinlay, Tobias Linder, Philippe Daoust, AJ Potrebka, Adam Burg, & Hamlin Krewson.
Sponsor the Mac Admins Podcast:
If you’re interested in sponsoring the Mac Admins Podcast, please email sponsor@macadminspodcast.com for more information.
Social Media:
To get the latest about the Mac Admins Podcast, follow us on Twitter! We’re @MacAdmPodcast!