Public Data Resource

macOS Security Compliance Project

Contact: Blair Heiserman..
Identifier: doi:10.18434/M32246
Version: 1.0...

There is a more recent release of this resource available:    1.0.6


The macOS security compliance project is an open source effort to provide a programmatic approach to generating security guidance. This project can be used to create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to compliance requirements in existing security guides or used to develop customized guidance. Through the use of a library of atomic actions that enhance security, and mapping them back to existing guides and policies, a single project can support multiple security guides and regulated industry policies while also allowing for documentation and QA to be uniformly managed through a single effort. This approach simplifies, and radically accelerates, the updating of annual security guidance through a unification and standardization of effort.

Rationale for this project:

Normalize and accelerate annual adoption of OS/Hardware by having guidance available to meet the needs of new operating systems on release

Reduce worldwide effort in creating annual guidance by unifying and consolidating compliance efforts into a single project

Develop a methodology to foster collaboration between baseline authors, reducing overhead and redundancy

Unify approach in setting controls

Provide MDM/EMM/security/audit vendors and Apple insight into customer hardening needs

Important note: This project is a programmatic approach to security policy and can produce output content to be used IN CONJUNCTION with management and security tools to achieve compliance.
Research Topics: Information Technology:Cybersecurity    
Subject Keywords: macOS, mac, security, compliance, SCAP, baseline, FISMA, STIG, OVAL, XCCDF    

Data Access

These data are public.
Data and related material can be found at the following locations:
  macOS Security Compliance Project
macOS Security Compliance Project GitHub repository

About This Dataset

Version: 1.0...

There is a more recent release of this resource available:    1.0.6

Cite this dataset
Blair Heiserman (2020), macOS Security Compliance Project, National Institute of Standards and Technology, (Accessed 2023-10-02)
Repository Metadata
Machine-readable descriptions of this dataset are available in the following formats:
Access Metrics
Metrics data is not available for all datasets, including this one. This may be because the data is served via servers external to this repository.