learn how to detect & analyze macOS malware.
Note:
🙅🏻‍♂️ The (in-person) training is now sold-out.
If you are still interested in joining us please email (training@objective-see.com) us, to join the in-person waiting list.
🏨 Due to high demand, there now, are no more rooms available at the conference hotel on Monday, Oct 3rd (the first day of trainings). Other dates (Tuesday, Oct 4th+ are still available).
Other nearby options include:
🙅🏻‍♂️ The (in-person) training is now sold-out.
If you are still interested in joining us please email (training@objective-see.com) us, to join the in-person waiting list.
🏨 Due to high demand, there now, are no more rooms available at the conference hotel on Monday, Oct 3rd (the first day of trainings). Other dates (Tuesday, Oct 4th+ are still available).
Other nearby options include:
- Hotel Antiga
- Hotel Platja Mar
- La Estrella del Mediterráneo
- AirBnB, and other apartments (check booking.com)
Training Overview:
We'll cover a myriad of topics, including:
- Common infection vectors, persistence, and capabilities of macOS malware.
- Introduction to tools and techniques used to classify and analyze (malicious) binaries.
- Hands-on (static and dynamic) analysis of macOS malware uncovering its; infection vectors, persistence, and payloads.
- Exploring programmatic methods and Objective-See's open-source tools & libraries, to create detection capabilities.
Price: €2,999
Date: Oct. 3rd - 5th
Location: Le MĂ©ridien Ra Beach Hotel & Spa (the conference venue)
...in the tbd room.
Training Details:
As macOS grows in popularity, so does the prevalence of malware targeting this platform ...including those designed to run natively on Apple Silicon.
Ever wanted to learn exactly how to tear apart these malicious creations in order to reveal their inner workings? Or how to craft tools capable of programmatically detecting even new threats? Here's your chance!
In this content-packed three-day course, Mac security expert and author Patrick Wardle will teach the tools and techniques needed to comprehensively analyze and understand malware targeting Apple's desktop OS. Moreover, we'll discuss heuristic-based approaches to programmatically detect such threats.
...and yes, during the training you'll be able try out the analysis concepts, directly upon captured macOS malware! 🤗
Suggested Prerequisites
In order to get the most out of this training, attendees should have a basic understanding of the following:
- Malware concepts
- Reversing topics and tools
- Programming topics (ideally some coding experience)
- Part 0: Introduction
Covers basic macOS malware and security concepts (such as common infection vectors & persistence). - Part 1: Static Malware Analysis
Starts by explaining how statically triage a sample, for example via extracting embedded strings, code-signing information (and entitlements), and more. Binary disassembly (both Intel and Arm) will also be covered and explored, to illustrate how details of malware's inner workings may be uncovered. - Part 2: Dynamic Malware Analysis
Covers dynamic analysis tools (such as Objective-See FileMonitor and ProcessMonitor) to passively observe malware's action. Various debugging concepts will also be taught, in order to analyze more complex malware samples. - Part 3: Programamtically Detecting Malware
Explores how to programmatically uncover infections by examining running processes, network connections, and more! You'll be able to leveraging Objective-See's open-source libraries (built atop Apple new Endpoint Security Framework), build your own malware detection and analysis tools.
- MacBook
- VMWare Fusion (with Catalina or Big Sur VM)
- Xcode (with cmdline/developer tools)
- Disassembler (IDA, Hopper, Ghidra, etc.)
Training Instructor:
Patrick Wardle is the creator of the non-profit Objective-See Foundation, author of the "The Art of Mac Malware" book series, and founder of the "Objective by the Sea" macOS Security conference.
Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.
Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing both books, and free open-source security tools to protect Mac users.
ℹ️ Cancellation Policy:
- Cancellations up to a month before the training (Sept. 3rd), will be 100% refunded (minus payment processing fees).
- Cancellations less than a month before the training cannot be refunded.