Matthew Lucas-Clarke
Matthew Lucas-Clarke has worked in an internal red team since 2024, having previously honed his skills in pentesting and consulting. Since then, he has delivered red teams, purple teams, and cyber-resilience exercises in a macOS-heavy Zero Trust environment.
Matthew has previously presented as Matthew Lucas at SEC-T in Stockholm and BSides Cambridge (UK), talking about misconfigurations in Windows OpenSSH, and has written blog posts about hacking Azure DevOps Pipelines.
Session
Your target runs macOS, but you don’t know your SIPs from your ESFs? And there’s no friendly Active Directory to fall back on? Where do you even begin?
This talk will give you the fundamentals you need to adapt your red team methodology to macOS with confidence. You don’t need to be Patrick Wardle to get results, but by the end of this talk you will at least know who that is. We will cover:
- Core macOS security concepts and how they will affect your operation
- Offensive and defensive security tooling
- The mindset shifts to pivot your Windows & Linux skills into operating in macOS environments