Abstract
With the release of Apple Intelligence, generative AI is no longer just an app; it is integrated deep within the macOS and iOS ecosystem. It possesses read/write access to user emails, notes, photos, and on-screen data. For security teams and forensic investigators, this creates a blind spot. When the OS itself acts as an agent, how do you distinguish between human-generated content and algorithmic generation?
This Briefing reveals the undocumented forensic artifacts left behind by these native AI systems. We will perform a deep dive into the specific, undocumented file system hierarchies where prompt histories live, how “deleted” AI sessions persist, and the Apple Intelligence logs that commercial tools currently miss.
Attendees will leave with a new open-source tool and a proven methodology to scientifically refute the “AI Alibi,” distinguishing between human-authored, AI-generated, and AI-modified content.
This Briefing will be available on-demand only to Briefings Pass Holders via the event app from May 1 - June 1.
Briefing available on-demand only via the event app from May 1 β June 1, 2026.