Register For Webinar: Thwarting Mac T-2 Encryption & SIP With AXIOM Cyber Remote Acquisition

MacOS has created roadblocks for examiners for years. Investigators must contend with not only hardware-based encryption like the T-2 chip, to System Integrity Protection (SIP), which prevented disk and write access to specific directories across the Mac. Now with macOS Catalina (10.15) we find even more complications with the addition of a new read-only volume found on macOS endpoints. In this webinar we will review some of the challenge’s examiners have faced when investigating mac’s in recent years as well as demonstrate how AXIOM Cyber can quickly and covertly connect to and acquire from the latest Mac endpoints. We’ll also discuss future enhancements to AXIOM Cyber and solicit feedback from attendees on what they would like to see added to the tool.

Join Trey Amick and Drew Roberts from Magnet Forensics and learn how AXIOM Cyber can acquire from macOS endpoints without disabling SIP or having to work around T-2 based Macs.

Date: Wednesday, June 17, 2020Time: 11AM EST 
Presenters: Trey Amick and Drew Roberts

Register here

Get The Latest DFIR News!

Top DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Leave a Comment

Latest Videos

Quantifying Data Volatility for IoT Forensics With Examples From Contiki OS

Forensic Focus 22nd June 2022 5:00 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...