A binary authorization and monitoring system for macOS

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.

Digging Deeper....

Tinfoil Chat - Onion-routed, endpoint secure messaging system

"The missing ProcMon for macOS": Mac Monitor records Endpoint Security events and displays them for analysis.

Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.

Awesome list of keywords and artifacts for Threat Hunting sessions

Fast and efficient osquery management

A desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting.

Automatically audit your Mac for basic security hygiene.

A binary and file access authorization system for macOS.

The world's most powerful System Activity Monitor Engine · 一款功能强大的终端行为采集防御开发套件 ~ 旨在帮助EDR、零信任、数据安全、审计管控等终端安全软件可以快速实现产品功能， 而不用关心底层驱动的开发、维护和兼容性问题，让其可以专注于业务开发

iDefender - The Infinite Potential Host Intrusion Prevention System (HIPS) & Real-time Endpoint Detection and Response for Home

monitor macOS for malicious activity

Authorization extension for popular web-frameworks to protect your endpoints

Endpoint detection & Malware analysis software

Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.

Collection of tool you need to have in your Endpoint Detection and Response arsenal

Windows Exploit Protection Settings (Ultimate) GUI

A macOS behavior audit / event monitoring system with scope of file, process and network events (based on Endpoint Security Framework).