I've been asked to investigate a couple of Macs that are believed to have been security compromised.
I wondered whether anyone had any suggested workflows or resources that they could share with me around performing such an investigation?
We don't have a budget for any commercial third-party products to assist with this, so any advice would be greatly appreciated!