Jamf Threat Labs’ Aftermath: a Rapid Incident Response tool for macOS

Jamf Threat Labs team created Aftermath, a Swift-based, open-source incident response framework tailor-made for macOS.

After a security incident has occurred, rapid collection can take place with Aftermath running a series of modules, creating an output archive ready to be analyzed.

You now have the critical incident data needed to perform a detailed investigation.

Aftermath can be run independently from an endpoint’s command line but was built to be deployed via a device management system to collect results at scale.

Link:
https://trusted.jamf.com/docs/rapid-incident-response-macos

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top
Share via
Copy link