Ransomware Canaries for MacOS
E
Elijah Kibbe
Huntress currently lacks support for Ransomware Canaries on MacOS, which are available on Windows. Adding this feature to MacOS would provide a more comprehensive security solution, aligning the capabilities across different operating systems and improving threat detection and response for Mac users.
Matthiew Morin (Huntress)
I am going to edit this post to be specifically about Ransomware Canaries on macOS.
For SIEM Support for macOS, please follow this request: https://feedback.huntress.com/feature-requests/p/macos-siem-log-collection
S
Stuart Ashenbrenner
Hi Elijah Kibbe! I appreciate the feedback!
I agree with integration on SIEM, and we currently have that on the roadmap. On the Ransomware Canaries side of things, we have put quite a bit of thought/research into this. Because ransomware hasn't successfully worked/executed on a macOS host yet (not just at Huntress but macOS as a platform in general), it seems like this would strictly be a parity play and not adding a ton of security value.
If we start to see ransomware occurring on Mac systems, we will get something in place quickly, and I'll be monitoring that close.