MacOS Forensic Investigation

MacOS Forensic Investigation

The goal of this workshop is to equip participants with the essential knowledge and practical skills needed to perform forensic analysis of macOS systems in the context of modern threats.

Although macOS devices still represent a smaller share of enterprise environments compared to Windows, they are increasingly targeted by threat actors. As a result, macOS security and forensic analysis remain less mature and underrepresented in many organizations’ defensive strategies. Recent industry reports — including findings from Red Canary showing a 400% increase in macOS-related threats between 2023 and 2024 — highlight the urgent need for improved visibility and expertise in this area.

Make sure to register through Zoom Platform vi following link: Registration Link

Learning Objective:

• Creating logical and triage images of macOS devices
• Identifying and interpreting key system artifacts
• Investigating artifacts for evidence of threat actor activity
• Utilizing common forensic tools to support analysis
• Understanding the evolving macOS threat landscape

Make sure to register through Zoom Platform vi following link: Registration Link
Make sure to follow BSides Gothenburg on LinkedIn for coming updates.