Phorion macOS EDR
Book a Demo

About Us

We're a team of macOS security experts on a mission to protect Apple endpoints everywhere.

Our Philosophy

Phorion was founded on a simple principle: focus on one thing and do it exceptionally well. That one thing is macOS defense. After years of conducting offensive security operations and consistently going undetected by existing macOS tooling, our founders recognized a critical need for a more effective solution.

Outcome Focused

Everything we build is driven by necessity. Each aspect of our product is essential in detecting and responding to macOS threats. Phorion isn't a tool built to check boxes. It's a shield for those truly committed to defending their organizations.

Privacy by Design

From our architecture to how we handle endpoint telemetry, Phorion is designed with privacy in mind. We believe security and privacy are not mutually exclusive. The best security tools respect the privacy of those using them.

Transparency

We provide full access to the telemetry we gather. Nothing is hidden behind a black box. Phorion is built with extensibility in mind, allowing analysts to tailor the tool to their specific needs.

Meet the Team

The team behind Phorion brings years of experience in offensive and defensive macOS security.

Calum Hall

Calum Hall

Co-Founder & CEO

With extensive experience in macOS security, Calum now serves as Phorion's CEO. Starting in offensive security, he transitioned to Blue Team roles to address challenges in defending macOS estates.

Luke Roberts

Luke Roberts

Co-Founder & CTO

As the CTO and co-founder of Phorion, Luke brings a wealth of experience in macOS security, having spent years at the forefront of offensive security research and exploitation.

Alfie Champion

Alfie Champion

Founding Engineer

The author of Practical Purple Teaming and a Founding Engineer at Phorion, Alfie brings a deep understanding of offensive tradecraft and detection engineering.

Published Research

Our team has presented at major security conferences and contributed to advancing macOS security research.

BlackHat BlackHat 2021

Come to the Dark Side, We Have Apples

Turning macOS Management Evil - discussing advanced offensive tradecraft targeting macOS management platforms.

OBTS OBTS v6.0

The Clock is TCCing

Launched Kronos, an open-source tool to enhance the security and privacy of Apple's TCC framework.

GitHub GitHub Universe 2022

Git Outta Here

How GitHub does detection - exploring detection strategies and automation to reduce alert fatigue.

OBTS OBTS v3.0

An Attacker's Perspective on Jamf

Research on the abuse of Jamf environments for persistence, lateral movement, and credential theft.

F-Secure F-Secure Consulting

macOS Attack Detection Fundamentals

Training sessions walking through common macOS TTPs and the telemetry needed to detect these attacks.

Let's Talk

See how Phorion protects your macOS fleet

Purpose-built by macOS security researchers. One lightweight agent delivering detection, prevention, and visibility.

Ready to see it in action? Book a demo and we'll show you how Phorion can protect your fleet.

Book a Demo

Error

Expect a personal email from our team.

Detecting Threats
Behavioral detection and threat hunting
Protecting Endpoints
File access controls and hash blocking
Responding to Incidents
Live response and device isolation
Endpoint Visibility
Deep telemetry via Apple's ESF
Pricing About Us Blog