CISO Security KitDFIRAI CISO

macOS Forensic Triage

macOS live triage: launchd persistence, TCC database inspection, quarantine xattrs, unified logs.

What this skill does

macOS Forensic Triage is a versioned playbook inside the CISO Security Kit. It runs on the AI CISO agent through the Procux skill runtime, producing structured, auditable output suitable for executive review and regulator submission.

Kit
CISO Security Kit
Category
DFIR
Primary agent(s)
AI CISO
Tags
dfir, macos, launchd, tcc, unified-logs

How to use it

  1. Sign in to your Procux workspace and open the platform dashboard.
  2. Pick the AI CISO agent, then pick macOS Forensic Triage from the CISO Security Kit catalog.
  3. Provide the required inputs (repo, document, endpoint, jurisdiction) — the agent runs the playbook and returns a structured report.
  4. Review, iterate, or export (PDF / JSON / Markdown) as part of your internal review cycle.

Related skills

← Back to full catalog