[MIDAS] Mac Intrusion Detection Analysis System

MIDAS is a framework for developing a Mac Intrusion Detection Analysis System, based on work and collaborative discussions between the Etsy and Facebook security teams. This repository provides a modular framework and a number of helper utilities, as well as an example module for detecting modifications to common OS X persistence mechanisms.
The MIDAS project is based off concepts presented in Homebrew Defensive Security and Attack-Driven Defense, as well as lessons learned during the development of the Tripyarn and BigMac products.
Our mutual goal in releasing this framework is to foster more discussion in this area and provide organizations with a starting point in instrumenting OS X endpoints to detect common patterns of compromise and persistence.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s