No SIP anymore? Set up FIM?

Seeing as we need to disable SIP, it would be nice if something could let you know if you get malware. Some immediately say that once malware has your machine, there's nothing you can do. Not so. File Integrity Monitoring creates a hash snapshot of your files and stores them on another machine. If something changes that you didn't expect, the unaffected machine will let you know.

OSSEC is the most well-known open source thing to do this. Tripwire is a more commercial solution. Defender Endpoint is marketed as Windows Defender ported to macOS, and can have reporting back to Microsoft turned off for privacy.

Which is easiest to set up?

submitted by /u/After-Cell
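The snapshot-and-compare idea described in the post, as an added example that is not part of the original post and is not code from any of the tools it names. The function names and the sample directory tree are constructed for illustration; the JSON string stands in for the baseline that would be kept on the second machine.

```python
import hashlib, json, os, tempfile

def hash_file(path, chunk=65536):
    """SHA-256 of a file, read in chunks so large files are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def snapshot(root):
    """Map relative path -> [sha256, permission bits] for regular files under root."""
    result = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks, sockets, devices
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            result[rel] = [hash_file(full), os.stat(full).st_mode & 0o7777]
    return result

def compare(baseline, current):
    """Report paths added, removed, or changed (content or mode) since the baseline."""
    old, new = set(baseline), set(current)
    return {
        "added": sorted(new - old),
        "removed": sorted(old - new),
        "modified": sorted(p for p in old & new if baseline[p] != current[p]),
    }

def demo():
    """Constructed sample tree: take a baseline, make four changes, re-scan."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "bin"))
        for rel, data in (("bin/tool", b"v1"), ("hosts", b"127.0.0.1"), ("old.conf", b"x")):
            path = os.path.join(root, rel)
            with open(path, "wb") as f:
                f.write(data)
            os.chmod(path, 0o644)
        stored = json.dumps(snapshot(root))  # this string is what lives on the other machine
        with open(os.path.join(root, "hosts"), "ab") as f:
            f.write(b" changed")                           # content change
        os.chmod(os.path.join(root, "bin/tool"), 0o755)    # mode change only
        os.remove(os.path.join(root, "old.conf"))          # deletion
        with open(os.path.join(root, "new.plist"), "wb") as f:
            f.write(b"<plist/>")                           # new file
        return compare(json.loads(stored), snapshot(root))

if __name__ == "__main__":
    print(demo())
```

The comparison is only trustworthy if it runs against a baseline the monitored machine cannot rewrite, which is why the stored copy belongs on the second host.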