Prima Virani (Twilio)
Supercharged Security! Self-Service Beyond Limits
This talk will discuss security and self-service tools and how we can take everything
forward to be a lot more productive, a lot less time consuming, and a lot more user-friendly.
From ClickOps to self-service and automation to sysaudit and file integrity monitoring, are APIs enough?
Thomas Reed (Malwarebytes)
Malicious notifications in Ventura
This talk will address some problematic changes to how Safari website notifications appear in Ventura. We’ll look at some examples of malicious notifications, how users are tricked into allowing them, and examine how an IT admin can spot these.
Bio: Thomas Reed has been using Macs since 1984, and in his spare time is a serious amateur photographer.
Noah Anderson (Kandji)
Cacheless AutoPkg in the Cloud
AutoPkg is a tremendous boon for MacAdmins everywhere, helping facilitate robust package creation and distribution. But running on-prem can be fragile, crossing your fingers during each OS upgrade and maintaining backups to hedge against data loss.
Running a CI/CD implementation offers numerous advantages, including greater redundancy, less complexity with macOS upgrades, and more flexibility adding new recipes or processors with source control and branching.
But for organizations maintaining a large number of recipes, there’s the ever-present tradeoff between maintaining gigabytes of reference downloads to reduce runtimes and discarding the cache after each run, incurring significant time cost when executing every single recipe to completion, or running recipes less frequently.
But wait! What if I told you it didn’t have to be this way? In this talk, we’ll dive deep into running a Docker container and Veertu’s Anka Cloud from a CI/CD pipeline, bootstrapping a Mac VM, and executing a metadata-as-cache workflow for AutoPkg in the Cloud so fast you’d swear it was on-prem.
Bio: Noah Anderson is Lead Systems Engineer at Kandji where he builds automations and manages key product features, including Auto Apps. Prior to Kandji, he worked for several years as a Lead Engineer on Target’s EDGE team, managing macOS devices at scale as well as serving as platform owner for Adobe creative technologies. He also has several years experience in the education space administering Mac computers for both higher ed and K-12.
Calvin Lee (Meta Platforms)
Our (Invisible) Journey to NanoMDM
At Meta we ran into scaling issues with the open source MicroMDM when managing dozens of profiles on tens of thousands of macOS devices per day. This talk will cover how we migrated to NanoMDM completely transparently to our users, along with the benefits of our new platform. In addition, we will give an overview of NanoMDM itself as well as new and future developments in the NanoMDM space, such as NanoDEP and command orchestration.
Bio: Calvin is a mathematician and long time contributor to open source linux desktop projects. He is a recent Production Engineer on the Client Platform Engineering team at Meta and is learning how to manage mac devices at scale. He loves programming languages and creating reliable infrastructure.
John Eberle (Tuxudo)
MunkiReport’s Move to Python 3
MunkiReport has finally moved to Python 3, only 3 years after 2.7 was end of lifed and 1 year after Apple removed it from Monterey. The talk would go into the start and stops of moving MunkiReport to Python 3, MunkiReport v6, and the end of like of PHP 7. Key points would be differences and unexpected bugs in moving from Python 2.7 to 3, wrangling 80+ module repos in GitHub, and testing the main MunkiReport client scripts.
Bio: John is a macOS Client Platform Engineer and is responsible for Macs all over the US. He’s one of the lead developers of MunkiReport having written or rewritten over half of its almost 90 modules. His love creating modules was the natural evolution of his passion for doing deep dives into macOS, data, and scripting.
Alex Narvey (Precursor Systems)
To Remind or Not to Remind? That is the question…
The state of Apple’s Software Update mechanism has caused Mac Admin’s to supplement Apple’s mechanisms by using projects like Erik Gomez’s Nudge, Second Son Consulting’s Renew, and Kevin White’s S.U.P.E.R.M.A.N. to push user’s into restarting and updating/upgrading.
Some admin’s have reported great success at getting their fleets updated with these tools.
However, some while some users respond to these warnings in a positive way, others grow bitter and seek to ignore the warnings.
Are we training users to ignore or to comply. Are we strengthening a trust relationship with our end users or are we building up enmity with them?
What makes users want to participate and what makes them want to ignore.
Are we just making more work for ourselves as Armin Briegel warns:
“My general rule is: the more you control the environment, the more work you have to do for your users. Less control, less work. If you really need need that level of control, you have to put in the effort to provide the tools the users need”
In this talk we take a brief look at Apple and third party encouragement tools.
Bio: Alex is a past presenter at MDOYVR and an Apple Certified IT Consultant at Precursor Systems.
Katie English (Jamf)
Why your data center will love Declarative Management
Apple’s new iteration of the MDM protocol radically changes what what we know about devices, and when we know it. This talk will dig into the technical differences between the legacy protocol and new declarations, with an emphasis on operational efficiencies and how admins can fine-tune their workflows.
Bio: Katie has spent more than two decades in Apple IT, and currently works in Jamf Product Strategy to enable Apple’s coolest features for enterprise administrators.
Stuart Ashenbrenner (Huntress)
(dm)XProtect: Stop, Drop, Shut malware down before it opens up shop
XProtect and XProtectRemediator (and MRT) are a couple of the primary security mechanism on macOS, aimed at blocking and remediating malware and threats. In this talk, we’ll look under the hood of these tools. We will dive into exactly how they operate at a low-level and how they interact with macOS. Furthermore, we’ll discuss how admins can leverage the information they provide, as well as if they’re enough of a AV solution within your security stack.
Bio: Stuart Ashenbrenner works at Huntress as a Staff macOS Researcher, focusing on macOS security and development. He has spoken at various conferences about macOS security, including Objective by the Sea. He is co-author and core developer on the open source, macOS incident response tool called Aftermath. He has perviously worked as a macOS detections engineer and a software engineer.
John Yang (ramp)
Passkey Deployment, for Today!
Passkeys represent the latest tool in the journey to a true Passwordless Experience for users, without sacrificing security, and giving the most flexibility with roaming authenticators.
Learn about some practical considerations for deploying Passkeys in it’s current iteration and implementation with Android/iOS, and why you may want to deploy them now, vs later.
Bio: John Yang is a Director of Corporate IT at Ramp.
Ramp is building the next generation of finance tools – from corporate cards and expense management, to bill payments and accounting integrations – all designed to save businesses time and money.
Previously, John has worked at Cruise, Alaska Airlines, and Virgin America before joining Ramp to lead the Corporate IT Team.
Joel Cedano (Addigy)
Leveraging Open Source Tools for CIS and NIST Security
Join Joel Cedano, Senior Product Manager at Addigy, as he guides you through the intricacies of the Apple security landscape. We’ll dive into the myriad of security risks that come with not properly protecting end-user devices and show you how to ensure the highest levels of security with the use of open source tools.
In this talk, you’ll gain a deeper understanding of the importance of safeguarding your Apple devices and walk away with practical, actionable solutions that protect your devices while delivering the Apple experience your end users expect.. Don’t miss out on this opportunity to elevate your security game!
Bio: With over six years of experience in the Apple device management space, Joel has developed a wealth of knowledge around securing and managing Apple devices . As a product expert at Addigy, he has successfully partnered with thousands of businesses — from small startups to Fortune 500 companies — to roll out, manage, and secure their Apple environments globally. Joel’s leadership in security initiatives and integrations has given his clients the peace of mind they need to effectively manage their devices.
Brandon Kurtz (Airbnb)
Homebrew alternative to Git Fat with first-class cloud storage
In this talk Brandon will demo a golang project he’s writing that can replace tools like Git Fat, with first class support for cloud storage like S3 and that works with any SCM tool.
Bio: Brandon does MacOps and WinOps @ Airbnb. He likes to use golang, config management, and open-source management tools.
Joel Rennich (JumpCloud)
Mix local with Cloud development using Mesh VPNs
Mixing local development with cloud deployment can be a real pain in the rear. Very few things work the same locally as in the cloud. What do you do? You develop locally, test via a mesh VPN with a live IP address, and then deploy in your favorite serverless provider.
Learn about using mesh VPNs to do local development on your Mac, in Go, while still getting all the benefits of being on a public IP address with easily obtained trusted Let’s Encrypt certs.
In a strange twist for Joel… no Swift code will be shown, instead we’ll build apps in Go in Visual Studio Code on a Mac and deploy them as a Lambda behind an API Gateway in a mater of minutes when we’re done.
While no Swift will be shown, it’s still loads better than Python
Bio: Joel Rennich released the popular open source application NoMAD in 2016 to make Mac admins’ lives easier. Before that he spent over a decade working at Apple as an Enterprise Systems Engineering Manager. Prior to Apple, Joel was frequently seen speaking at Macworld, WWDC, and other international conferences and gatherings of Apple-minded admins as the founder of AFP548.com.
He now chases butterflies as the Head of JumpCloud labs leading a team of developers who are much better than he is.
Henry Stamerjohann (Zentral)
Device Management at Scale with Terraform
In this talk, we’ll apply infrastructure-as-code principles to device management. We will see how Terraform-based GitOps increase consistency, reliability, and accountability in challenging environments.
First, we’ll define resources with the official Zentral Terraform provider. Next, we’ll set up a CI/CD pipeline to get an audit trail and automation. Then, finally, we’ll pull it all together with advanced workflows across multiple environments.
We have created a strong foundation for reliability and compliance. Now we can catch mistakes before they happen. When we streamline and reduce manual friction with GitOps, we free up time to focus on other critical tasks.
Bio: Henry Stamerjohann is based in Germany. He is a returning speaker at MDO:YVR and co-creator of Zentral, a powerful event and device management platform with exceptional Santa and Osquery management capabilities. He helps organizations run Zentral at scale and solve complex challenges in Apple Platform and device management. Henry is one of the founders of Zentral Pro Services GmbH.
Tim Sutton (Block)
Stories and learnings from macOS Continuous Integration at Scale
There are more use-cases than ever to build and test software or other automation workflows on Apple hardware. Folks do this both on-premises and using vendors offering bare metal and virtual machines.
We will take a look into our experiences managing a large Mac CI fleet, supporting hundreds of contributors and builds’ compute time measured in hours. We’ll also explore details of running EC2 Mac instances for the use case of continuous integration.
Bio: Tim Sutton is a software engineer at Block (formerly Square). Long-time Mac Admin fanboy, passionate about automation.
Greg Neagle (Walt Disney Animation)
Being Responsible: TCC and You
An ongoing challenge in managing macOS is dealing with Apple’s TCC (Transparency, Consent, and Control) mechanism. Greg will dig into this macOS feature and share what he’s learned recently when getting Munki to work with Ventura’s new App Management protection. You’ll learn about the “Responsible Process” and how you might deal with TCC issues in your own scripts and tools.
Bio: Greg Neagle has been deploying and managing macOS machines for over two decades at Walt Disney Animation Studios, a studio with a long history of family entertainment reaching back to “Snow White and the Seven Dwarfs” and forward to our latest film, “Wish”, coming this fall.
Several Mac management tools developed by Greg have been released as open source by Disney Animation. Among those are Munki, a software deployment framework, and Reposado, a platform-agnostic replacement for Apple’s Software Update service. He is also a maintainer of the popular AutoPkg tool. Greg has presented on various aspects of macOS management at conferences in Europe and North America. Greg is excited to return to MacDevOps YVR!
Ritu Gill (OSINT Techniques)
Online Privacy and Risk Management
One of the keys to online research is finding the digital breadcrumbs that people leave behind online. That said, this talk covers online privacy mistakes people often make that leave them vulnerable to bad actors. Ways to minimize the risk will be discussed including talking about OPSEC and basic tips everyone can use to protect their online footprint
Bio: Ritu Gill is an Intelligence Analyst with over 15 years of experience working with Canadian law enforcement, 12 of those years were with the Royal Canadian Mounted Police (RCMP).
During her tenure with the RCMP, she specialized in open source intelligence, and worked on high profile investigations. As part of RCMP’s international capacity building program, Ritu trained law enforcement in Bangladesh and India in the use of the internet as an investigative tool.
In 2016 Ritu set up a consulting business providing OSINT training and research to law enforcement and related entities across North America. Ritu holds a Bachelor’s Degree in Criminology from Kwantlen Polytechnic University and is actively involved in the OSINT community.
Website: https://www.osinttechniques.com
Twitter: https://twitter.com/OSINTtechniques
Samuel Keeley (Staff Enterprise Security Engineer)
Massively deploying Security Keys with a little help from osquery and friends
It has been clear for quite some time that passwords, including one-time passwords, are something that need to be phased out rapidly. Rolling out security keys to users has become a high priority for organizations recently, but finishing the transition and ensuring that all users were only using security keys can present many challenges, especially with a now-distributed workforce. Through crafty use of tools including osquery on macOS, the transition can be completed with a rapid pace. This talk will walk through the challenges, both technical and logistical, and offer insights on how organizations can complete this work with high confidence and low user friction.
Bio: Samuel Keeley is a Staff Enterprise Security Engineer, focused on internal user-facing applications, access, and endpoints.
Elizabeth Ponce (Client Engineer at Airbnb)
My first (almost) year as a Client Engineer
This talk will share out my learnings and key takeaways from my first year on the Client Engineering team. Including, how I leverage my Conflict Resolution computer science to learn complex configuration management systems, the importance of connecting with others in a remote environment and for increased learning, and more!
Bio: After graduating with her BS in Conflict Resolution, Elizabeth joined Airbnb in 2017 as a Customer Support Agent, and found a love of code during an “Intro to Web Dev” class at work. She was hooked and forged her own path to Engineering with grit and determination, along the way forming a women in engineering ERG, and going back to uni for a second Bachelor’s degree in Computer Science while working full time.
After moving to the Tech org in 2021, she completed a year of engineering rotation positions and has been on the Client Engineering team since August of 2022.
Sharvil Shah (Independent Consultant)
Building next-gen security tools with EndpointSecurity APIs
In this talk, we will explore the evolution of Apple’s EndpointSecurity APIs on macOS, and how the newer enriched event types in macOS Ventura enables us to build next-gen security tools. We will look at this functionality in osquery and other custom built tools, and explore use-cases such as Data Leak Prevention and Detection, detecting process injection, detecting persistence, and remote auth events.
We will end the talk, with a little bit of speculation towards the future and how Apple is building the frameworks bit by bit, and how these can be leveraged to build a single-pane-of-glass regarding security, compliance and audit on the Mac.
Bio: Sharvil is a software engineer and consultant working on endpoint security and endpoint agents on macOS. He regularly consults on all things osquery with companies like FleetDM. He is a core developer and contributor to osquery, and is a member of osquery Technical Steering Committee. He is previously presented at MacDevOps and ObjectiveByTheSea
MacDevOpsYVR 