Macbrained’s August Meet-Up @ Yelp
August 13, 2015 @ 6:00 pm - 8:00 pm
As the summer comes to a close, join us for our August meet-up hosted by Yelp. We’ll be learning more about Yelp’s in-house developed solution for security alert management, OSXCollector, as well as hearing from Jason Miller (and other attendees, if you’d like to share) about the recent PSU MacAdmins conference.
6 – 6:30 p.m. Meet & Greet – Food, Drinks, Networking
6:30 – 6:45 p.m. Host Remarks – Yelp
6:45 – 7:30 p.m. OSXCollector: How to stop the bleeding, contain and eradicate threats – Ivan Leichtling|Yelp
7:30 – 8 p.m. PSU MacAdmin Conference Wrap-Up – Jason Miller|Lawrence Berkeley Labs
8 – 10 p.m. Continue The Conversation @ ThirstyBear Brewing Co. – 661 Howard St.
OSXCollector – Yelp uses Macs a lot, which means that they see their fair share of Mac-specific security alerts. Host-based detectors alert them about known malware infestations or weird new startup items. Network-based detectors see potential C2 callouts or DNS requests to resolve suspicious domains.
When alerts fire, their incident response team’s first goal is to “stop the bleeding”: to contain and then eradicate the threat. The team then moves on to “root cause the alert”, figuring out exactly what happened and how they’ll prevent it in the future. One of their primary tools for root causing OS X alerts is OSXCollector.
OSXCollector is an open source forensic evidence collection and analysis toolkit for OS X. It was developed in-house at Yelp to automate the digital forensics and incident response (DFIR) their crack team of responders had been doing manually.
This meet-up is proudly sponsored by JAMF Software.