macos_security
macOS-Security-and-Privacy-Guide
macos_security | macOS-Security-and-Privacy-Guide | |
---|---|---|
18 | 25 | |
1,565 | 20,889 | |
2.5% | - | |
9.1 | 9.6 | |
about 21 hours ago | about 1 month ago | |
YAML | Python | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
macos_security
- Windows Security Compliance project
-
FIPS 140 and MacOS
For starters there's an entire NIST project for macOS Security Compliance - https://github.com/usnistgov/macos_security this will make your life a million times easier to meet a lot of the technical controls required for compliance. Nothing like this really exists for Windows or Linux(closest is Compliance As Code https://github.com/ComplianceAsCode/content)
-
Nist controls and acceptable artifacts and evidence. Does anyone have a controls spreadsheet that lists all 800-53 controls and evidence required to satisfy that control?
https://github.com/usnistgov/macos_security - for macOS this would help.
-
Need reporting about device CIS compliance
I’d highly recommend checking out the usnistgov/macos_security on GitHub. You can generate a benchmark and then feed the output into extension attributes to trigger policies on.
- CIS Benchmark deployment approach
-
Could use some advice on my career change
Study about cybersecurity, or how to harden a macOS fleet against published security frameworks.
-
Enrolling devices in ABM/Mosyle
Weigh the pros and cons about having your end-users be standard users or admins on their Macs. If they are already admins (probably), consider the political blowback if you take away their admin rights and flexibility and autonomy they've become used to. Conversely, consider the security posture of your organization. If it has to adhere to some well-known guides (like 800-171 o 800-53r5), then you may not be able to allow end-users to be admins. Take a look at the macOS Security Compliance Project.
-
Here's a recap of the top-voted webinar: How to Harden Macs!
NIST Compliance Benchmarks: github.com/usnistgov/macos_security
- Hardening macOS
-
Disabling Bonjour on monterey
Like OP, I'm trying to disable both bonjour and netbios. I'm using this script: https://github.com/usnistgov/macos_security/blob/main/includes/enablePF-mscp.sh
macOS-Security-and-Privacy-Guide
- Hardening macOS
- I’m struggling to add my credit card info to deviantart
-
How to indicate that a laptop is locked and thus useless for thieves
Hi friends, I followed this guide: https://github.com/drduh/macOS-Security-and-Privacy-Guide and some additional steps to protect my macbook from being accessed by unauthorized people. The key steps I did was a full disk encryption and a custom firmware password. This makes it extremely difficult to repurpose my macbook after for example a theft. The reason I want this is that I often study in university or sometimes work in public places, but I also work as a software developer with sensitive consumer data.
-
Orion Browser
https://github.com/drduh/macOS-Security-and-Privacy-Guide/is...
-
my first Mac! any tips or suggestions?
turn on FileVault , turn on the firewall (built in). install Lulu firewall follow this guide and harden the system https://github.com/drduh/macOS-Security-and-Privacy-Guide
- macOS-Security-and-Privacy-Guide: Guide to securing and improving privacy on macOS
-
Privacy Guide for MacOS Ventura?
I'm looking for a guide to harden MacOS Ventura, preferably including little snitch/lulu blocklist suggestions for MacOS services. I'm aware of dr druh's guide (that currently doesn't seem to be updated for Ventura though) and isn't including a little snitch/lulu blocklist.
- “Confirm that you’re not a robot” malware
-
Ask HN: What do you do for online privacy?
- macos, following https://github.com/drduh/macOS-Security-and-Privacy-Guide for hardening (I haven't compared this to other hardening guides, but doing something is better than nothing)
-
Tips and Guide to MacOS
I remember seeing this, I have never followed it so I don't know what it's worth but it's seems quite comprehensive
What are some alternatives?
Installomator - Installation script to deploy standard software on Macs
macOS-enterprise-privileges - For Mac users in an Enterprise environment, this app gives the User control over administration of their machine by elevating their level of access to Administrator privileges on macOS. Users can set the time frame using Preferences to perform specific tasks such as install or remove an application.
CIS-macOS-Security
apple-telemetry - Domain blocklists, IP blocklists, Little Snitch .lsrules, and cloaking files for blocking Apple telemetry
heimdall2 - Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.
PopClip-Extensions - Source code extensions in the official PopClip Extensions directory.
windows_hardening - HardeningKitty and Windows Hardening settings and configurations
MailTrackerBlocker - Email tracker, read receipt and spy pixel blocker plugin for macOS Mail (10.11-13.x)
CIS-for-macOS-BigSur-Intel-M1 - CIS Benchmarks for macOS Big Sur
BLEUnlock - Lock/unlock your Mac with your iPhone, Apple Watch, or any other Bluetooth LE devices
TheMacHardeningScripts - Scripts to secure and harden Mac OS X
OSX-KVM - Run macOS on QEMU/KVM. With OpenCore + Monterey + Ventura + Sonoma support now! Only commercial (paid) support is available now to avoid spammy issues. No Mac system is required.