Public Data Resource

macOS Security Compliance Project

Robert Gendler, Allen Golbig, Daniel Brodjieski, Jason Blake, Blair Heiserman, Joshua Glemza, Elyse Anderson, Paige Ramsey
Contact: Bob Gendler..
Identifier: doi:10.18434/M32246
Version: 1.0...

Description

The macOS security compliance project is an open source effort to provide a programmatic approach to generating security guidance. This project can be used to create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to compliance requirements in existing security guides or used to develop customized guidance. Through the use of a library of atomic actions that enhance security, and mapping them back to existing guides and policies, a single project can support multiple security guides and regulated industry policies while also allowing for documentation and QA to be uniformly managed through a single effort. This approach simplifies, and radically accelerates, the updating of annual security guidance through a unification and standardization of effort.\n\nRationale for this project:\n\nNormalize and accelerate annual adoption of OS/Hardware by having guidance available to meet the needs of new operating systems on release\n\nReduce worldwide effort in creating annual guidance by unifying and consolidating compliance efforts into a single project\n\nDevelop a methodology to foster collaboration between baseline authors, reducing overhead and redundancy\n\nUnify approach in setting controls\n\nProvide MDM/EMM/security/audit vendors and Apple insight into customer hardening needs\n\nImportant note: This project is a programmatic approach to security policy and can produce output content to be used IN CONJUNCTION with management and security tools to achieve compliance.
Research Topics: Information Technology: Cybersecurity    
Subject Keywords: macOS, mac, security, compliance, SCAP, baseline, FISMA, STIG, OVAL, XCCDF    

Data Access

These data are public.
Data and related material can be found at the following locations:
  https://github.com/usnistgov/macos_security
macOS Security Compliance Project GitHub repository

About This Dataset

Version: 1.0...
Cite this dataset
Gendler, Robert, Golbig, Allen, Brodjieski, Daniel, Blake, Jason, Heiserman, Blair, Glemza, Joshua, Anderson, Elyse, Ramsey, Paige (2020), macOS Security Compliance Project, National Institute of Standards and Technology, https://doi.org/10.18434/M32246 (Accessed 2024-07-15)
Repository Metadata
Machine-readable descriptions of this dataset are available in the following formats:
NERDm
Access Metrics
Metrics data is not available for all datasets, including this one. This may be because the data is served via servers external to this repository.