Explore incident response techniques for macOS in this 51-minute conference talk from Derbycon 2019. Delve into data collection methods, including PICT data collection and basic_info.txt. Learn about analyzing persistence mechanisms, browser histories, install history, and process information. Examine suspicious behavior through detailed walkthroughs and timelines of real-world malware examples such as Wirenet, Mokes, BirdMiner, and FruitFly. Gain valuable insights into detecting and responding to security incidents on Apple's operating system.