Jamf launches Beacon threat hunting service for enterprise Mac environments
Apple enterprise management firm Jamf Holding Corp. today launched Beacon by Jamf Threat Labs, a premium threat hunting service that puts the company’s research and detection engineers directly inside customer environments to hunt for attacks targeting Apple’s macOS.
Now generally available, Beacon is aimed at a gap Jamf said many security teams face as their Apple footprint grows. Mac devices have become a bigger target for sophisticated threat actors, but few organizations have staff with the specialized knowledge to monitor and investigate macOS-specific threats. The service is delivered by Jamf Threat Labs, the company’s in-house research and detection team.
Beacon rests on three components. The first is dedicated macOS threat hunting, giving customers access to hunters versed in Apple’s security frameworks, threat actor techniques and macOS-specific attack vectors. Combined with Jamf telemetry, that produces investigation and reporting built for Apple environments rather than adapted from Windows-centric tooling.
Underpinning the service is Jamf’s Mac telemetry, which is built on Apple’s Endpoint Security application programming interface. That data lets analysts hunt for Apple-specific attack techniques and other suspicious behavior across a customer’s Mac fleet. Jamf said it prioritizes those investigations to cut the time an attacker goes undetected.








