Supply chain compromises remain an effective technique for attackers to get their malware on a wide array of victims. In this talk we will discuss some of the free and open source MacOS tooling that we use to help defend our networks. We will then walk through how one can use these tools and others to build context around the data they generate to find new, unknown threats and independently identify malware in your environments.
You can identify the next supply chain compromise yourself, proactively.