The macOS security compliance project is an open source effort to provide a programmatic approach to generating security guidance. This project can be used to create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to compliance requirements in existing security guides or used to develop customized guidance. Through the use of a library of atomic actions that enhance security, and mapping them back to existing guides and policies, a single project can support multiple security guides and regulated industry policies while also allowing for documentation and QA to be uniformly managed through a single effort. This approach simplifies, and radically accelerates, the updating of annual security guidance through a unification and standardization of effort.\n\nRationale for this project:\n\nNormalize and accelerate annual adoption of OS/Hardware by having guidance available to meet the needs of new operating systems on release\n\nReduce worldwide effort in creating annual guidance by unifying and consolidating compliance efforts into a single project\n\nDevelop a methodology to foster collaboration between baseline authors, reducing overhead and redundancy\n\nUnify approach in setting controls\n\nProvide MDM/EMM/security/audit vendors and Apple insight into customer hardening needs\n\nImportant note: This project is a programmatic approach to security policy and can produce output content to be used IN CONJUNCTION with management and security tools to achieve compliance.
Research Topics: Information Technology: Cybersecurity