Hi [[ session.user.profile.firstName ]]

Automated Device Setup & Mac platform “ecosystem security”

This talk asks a simple question that’s difficult to answer: what are all the things that need to be true, in order for a company to have full confidence that a Mac is “secure” by the time it’s fully configured and ready for use by an employee on day 1? Answering this question requires covering some vast security engineering terrain, including Certificate Authorities, T2, Secure Boot, device attestation, TLS, and OS platform security features such as Notarization. This talk will ask more questions than it answers, and is meant to be a jumping-off point for discussion and further research (both myself and others).

This video was recorded at the MacSysAdmin Conference in Gothenburg, Sweden. October of 2019.
Recorded Oct 15 2019 52 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jesse Endahl
Presentation preview: Automated Device Setup & Mac platform “ecosystem security”

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Automated Device Setup & Mac platform “ecosystem security” Recorded: Oct 15 2019 52 mins
    Jesse Endahl
    This talk asks a simple question that’s difficult to answer: what are all the things that need to be true, in order for a company to have full confidence that a Mac is “secure” by the time it’s fully configured and ready for use by an employee on day 1? Answering this question requires covering some vast security engineering terrain, including Certificate Authorities, T2, Secure Boot, device attestation, TLS, and OS platform security features such as Notarization. This talk will ask more questions than it answers, and is meant to be a jumping-off point for discussion and further research (both myself and others).

    This video was recorded at the MacSysAdmin Conference in Gothenburg, Sweden. October of 2019.
  • Fleetsmith Product Overview Recorded: Oct 8 2019 20 mins
    Zack Blum
    New-device setup, inventory, patching, and security—if you could automate all four, what would you do with all of your free time? Well, Fleetsmith does automate all four, and we can't wait to see what amazing, career-changing projects you'll ship next!

    In this session, Zack Blum, Fleetsmith's Co-founder and CEO, will share a quick Fleetsmith walkthrough. We'll cover:

    1. Our three click, secure-over-the-internet, no-manual-work macOS upgrade flow;

    2. Automatic FileVault encryption with automatic key escrow that just works;

    3. Fleet-wide deployment of Google Chrome, with client-side config sans hand-crafted mobileconfigs; and

    4. Advanced security magic, like client-side deployment and configuration of security logging and alerting with osquery, centralized log aggregation via Filebeat, and binary whitelisting and blacklisting with Google Santa.

    …all in just a few clicks.
Fleetsmith
Fleetsmith

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Automated Device Setup & Mac platform “ecosystem security”
  • Live at: Oct 15 2019 6:00 pm
  • Presented by: Jesse Endahl
  • From:
Your email has been sent.
or close