Articles By Will Yu

Engineering

Mac system extensions for threat detection: Part 3

Part 3 of this series gives an overview of the new SystemExtensions and EndpointSecurity frameworks, how to use them, and development caveats.

Engineering

Mac system extensions for threat detection: Part 2

Part 2 of this series offers up tips and tricks for uncovering even more information about macOS file system, process, and network events.

Engineering

Mac system extensions for threat detection: Part 1

In Part 1, we’ll go over some of the frameworks accessible by kernel extensions that provide information about file system, process, and network events.