Y
Hacker News
new
|
ask
|
show
|
jobs
by
SmellyPotato22
516 days ago
For macOS you all should look into integrating with the Endpoint Security API. It also provides larger subset of events than just syscalls. You can see them all with `eslogger --list-events`.
https://developer.apple.com/documentation/endpointsecurity