BSides Exeter 2026

⌘+ Ctrl: Introduction to macOS Red Teaming in 2026
2026-04-25, Seminar Room 7

Your target runs macOS, but you don’t know your SIPs from your ESFs? And there’s no friendly Active Directory to fall back on? Where do you even begin?

This talk will give you the fundamentals you need to adapt your red team methodology to macOS with confidence. You don’t need to be Patrick Wardle to get results, but by the end of this talk you will at least know who that is. We will cover:

  • Core macOS security concepts and how they will affect your operation
  • Offensive and defensive security tooling
  • The mindset shifts to pivot your Windows & Linux skills into operating in macOS environments

Technical Level: 3 - Kind of in the middle, need knowledge but more of an intermediate place

Matthew Lucas-Clarke has worked in an internal red team since 2024, previously honing his skills in pentesting and consulting. Since then, he has delivered red teams, purple teams, and cyber-resilience exercises in a macOS-heavy Zero Trust environment.

Matthew has previously presented as Matthew Lucas at SEC-T in Stockholm and BSides Cambridge (UK), talking about misconfigurations in Windows OpenSSH, and has written blog posts about hacking Azure DevOps Pipelines.

Victor van der Helm is an experienced offensive security professional. Since 2021, he has focused on Red Teaming with a specialisation in AiTM phishing, malware development, CI/CD pipelines and cloud infrastructure.

Victor has previously spoken at SteelCon in Sheffield about his research in automating malware development, with the goal of creating re-usable malware by protecting underlying techniques.