Let’s say a machine in your corporate fleet gets infected with malware. How would you detect it? How could you find out what happened on the machine? What did the malware do? Did it steal your browser’s passwords? What network connections did the malware make? Was it looking for crypto currency? By having good telemetry and a good host monitoring solution for your machines you can collect the context necessary to answer these important questions.
Proper host monitoring on macOS can be very difficult for some organizations. It can be hard to find mature tools that proactively detect security incidents. Even when you do find a tool that fits all your needs, you may run into unexpected performance issues that make the machine nearly unusable by your employees. You might also experience issues like having hosts unexpectedly shut down due to a kernel panic. Even if you are able to pinpoint the cause of these issues you may still be unable to configure the tool to prevent the issue from recurring. Due to difficulties like these at Dropbox, we set out to find an alternative solution.
Exactly what it says on the tin.
Security is at the forefront of any transaction transiting over the web – be it a file operation on a remote server, a purchase, or a banking operation. And usually, there is a trade-off between strong security and availability of resources for user applications.
I had a glimpse at the article by curiosity since I don’t use macOS.
There was much insight into how one could potentially implement monitoring/security for a hobby operating system. Hobby operating system usually do not have specific tools for this purposes and certainly there are no commercial tools available.