This 1+ minute video introduces the concept of provenance chains, tracking how one instance of the GoogleUpdater program got started.
Software updates and software builds produce wonderfully long provenance chains, where process A creates process B, process B creates process C, and so on.
I’ve selected an execution of the GoogleUpdater program with its many arguments.
Down below is the provenance chain that eventually created this execution.
It begins at the top with the first process, launchd, forking itself, followed by this new process executing the program xpcproxy.
At the bottom, the 18th event in the provenance chain, is the execution of the GoogleUpdater program, the one selected in the list above.
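The chain walk described above, as an added example that is not part of the video or of Ennetix's software: it walks back from a selected execution through fork and exec events to the first process, and ignores events from an earlier process that used the same pid. The event field names, the pids, and the `launcher` and `helper-a` programs are assumptions, and the sample events are constructed and much shorter than the 18-event chain in the video.

```python
# Constructed sample events (not taken from the video); seq gives the event order.
# fork: pid is the parent, child is the new process. exec: pid loads a new program.
EVENTS = [
    {"seq": 1, "type": "fork", "pid": 1, "child": 300},
    {"seq": 2, "type": "exec", "pid": 300, "prog": "xpcproxy"},
    {"seq": 3, "type": "exec", "pid": 300, "prog": "helper-a"},   # unrelated job
    {"seq": 4, "type": "fork", "pid": 1, "child": 412},
    {"seq": 5, "type": "exec", "pid": 412, "prog": "xpcproxy"},
    {"seq": 6, "type": "exec", "pid": 412, "prog": "launcher"},
    {"seq": 7, "type": "fork", "pid": 412, "child": 300},         # pid 300 reused
    {"seq": 8, "type": "exec", "pid": 300, "prog": "GoogleUpdater",
     "args": ["--example-arg"]},
]

def provenance_chain(events, target_seq):
    """Return the fork/exec events, oldest first, that led to the exec at target_seq."""
    by_seq = sorted(events, key=lambda e: e["seq"])
    target = next(e for e in by_seq
                  if e["seq"] == target_seq and e["type"] == "exec")
    chain, pid, before = [], target["pid"], target_seq + 1
    while True:
        # Latest fork that created this pid before the cut-off; picking the latest
        # keeps a reused pid from pulling in an older process's history.
        fork = next((e for e in reversed(by_seq) if e["type"] == "fork"
                     and e["child"] == pid and e["seq"] < before), None)
        start = fork["seq"] if fork else -1
        execs = [e for e in by_seq if e["type"] == "exec" and e["pid"] == pid
                 and start < e["seq"] < before]
        chain = ([fork] if fork else []) + execs + chain
        if fork is None:          # reached a process with no recorded creator
            return chain
        pid, before = fork["pid"], fork["seq"]

def describe(chain, root_prog="launchd"):
    """Render each event, tracking which program each pid is running."""
    image, lines = {chain[0]["pid"]: root_prog}, []   # root_prog is an assumption
    for e in chain:
        if e["type"] == "fork":
            image[e["child"]] = image.get(e["pid"], "?")
            lines.append(f'{image[e["child"]]} (pid {e["pid"]}) forks pid {e["child"]}')
        else:
            image[e["pid"]] = e["prog"]
            lines.append(f'pid {e["pid"]} executes {e["prog"]}')
    return lines

if __name__ == "__main__":
    print("\n".join(describe(provenance_chain(EVENTS, 8))))
```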
Whether you are a student learning about computers, a system administrator responsible for keeping a computer running smoothly, a cybersecurity investigator needing to know what is running on a computer and how any suspicious process got started, or just a person curious to know how computers work, discovering these provenance chains can provide you with valuable knowledge of what is happening behind the scenes on your computer.
The Mac app used for this video is Ennetix xTend with the endpoint system extension added. Both Ennetix xTend and Ennetix Endpoint are free.
Download Ennetix xTend from the Apple App Store.
Download Ennetix Endpoint from the Ennetix web site (in Section 2.1).