Exploring Observability on macOS: A Resource Compilation

In the dynamic realm of technology, staying vigilant about the security and observability of our systems is paramount. macOS, the operating system that powers our Apple devices, is no exception. Whether you're a seasoned macOS enthusiast or a curious learner, here's a compilation of resources that delve into observability and security on macOS.


Open Source Projects


1. macOS Security Compliance - GitHub

   This open-source project focuses on generating security guidance from NIST SP 800-53, providing comprehensive security controls for macOS systems. It's a collaborative effort involving NIST, NASA, DISA, and LANL.


2. Zentral - Website

   Zentral offers a consolidated view for endpoint monitoring by integrating features from Santa and Osquery. With event-based stream processing and support for multiple data store backends and SIEMs, Zentral enhances observability.


3. Osquery - Website

   Osquery is a remarkable SQL-powered framework for operating system instrumentation, monitoring, and analytics on macOS, Linux, and Windows. It empowers you to gain insights into system behavior through structured queries.


4. Santa - Website

   Santa serves as a binary authorization system for macOS, providing control over what code can run on your systems. It's a significant step towards enhancing security by allowing or denying the execution of binaries.


5. Fleet - Website

   Fleet is a lightweight, programmable telemetry platform designed for servers and workstations. It gathers data from various devices and operating systems without introducing downtime risks.


YouTube Videos


1. Osquery - Watch

   Allister Banks dives into Osquery, shedding light on its capabilities and potential use cases. This presentation from the MacDevOpsYVR 2016 Conference offers insights into harnessing Osquery's power.


2. Santa - Watch

   Allister Banks takes the stage again at the MacDevOpsYVR 2016 Conference, this time explaining Santa. Gain a deeper understanding of this binary authorization system and its implications.


3. Santa Upvote - Watch

   Matt Doyle elaborates on Santa and Upvote at the MacDevOpsYVR 2018 Conference. Discover the intersection of security and user input through Santa's lens.


4. Hosting FleetDM in EKS - Watch

   Prima Virani shares her team's journey in setting up FleetDM in Amazon Elastic Kubernetes Service (EKS). This video is a valuable resource for those looking to explore Fleet in the cloud.


5. macOS Persistence Techniques - Watch

   Csaba Fitzl delves into macOS persistence techniques, shedding light on strategies used by malicious actors. This knowledge can aid in creating Osquery watch lists to detect potential security threats.


In the ever-evolving landscape of technology, knowledge is your greatest armor. These resources provide insights into the world of observability and security on macOS. Whether you're a seasoned professional or a curious learner, there's something here to enrich your understanding and empower you to safeguard your digital ecosystem. Happy learning and exploring!


Raell Dottin
