Rewind, Revisit, Reinforce, Retain with OnDemand - Special Offer Available Now


To attend this webcast, login to your SANS Account or create your Account.

When Macs get Hacked

  • Monday, May 05, 2014 at 3:00 PM EDT (2014-05-05 19:00:00 UTC)
  • Sarah Edwards

You can now attend the webcast using your mobile device!



Computer intrusion cases usually consist of Windows or *nix systems, if you are lucky. Mac intrusion cases are a rare breed. These cases have the potential to become more popular with the growing market share of Macintosh systems. Many companies and government entities use Macs as their preferred system. This presentation and hands-on lab will introduce you to incident response and intrusion analysis of the Mac.

Speaker Bio

Sarah Edwards

A self-described Mac nerd, Sarah Edwards is a forensic analyst, author, speaker, and both author and instructor of SANS FOR518: Mac and iOS Forensic Analysis and Incident Response.  She has been a devoted user of Apple devices for many years and has worked specifically in Mac forensics since 2004, carving out a niche for herself when this area of forensics was still new. Although Sarah appreciates digital forensics in all platforms, she has a passion for working within Apple environments and is well known for her work with cutting-edge Mac OS X and iOS, and for her forensic file system expertise.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.