Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/usnistgov/macos_security
macOS Security Compliance Project
https://github.com/usnistgov/macos_security
apple bash compliance macos mdm python3 zsh
Last synced: about 2 months ago
JSON representation
macOS Security Compliance Project
- Host: GitHub
- URL: https://github.com/usnistgov/macos_security
- Owner: usnistgov
- License: other
- Created: 2020-06-05T19:28:12.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2024-04-12T13:29:00.000Z (2 months ago)
- Last Synced: 2024-04-13T13:02:16.097Z (2 months ago)
- Topics: apple, bash, compliance, macos, mdm, python3, zsh
- Language: YAML
- Homepage:
- Size: 5.08 MB
- Stars: 1,541
- Watchers: 130
- Forks: 180
- Open Issues: 20
-
Metadata Files:
- Readme: README.adoc
- Changelog: CHANGELOG.adoc
- Contributing: CONTRIBUTING.adoc
- License: LICENSE.md
Lists
- Crypto-OpSec-SelfGuard-RoadMap - MacOS Security
- awesome-macadmin-tools - https://github.com/usnistgov/macos_security
- awesome-stars - macos_security
- awesome-stars - usnistgov/macos_security - macOS Security Compliance Project (YAML)
- awesome-stars - usnistgov/macos_security - macOS Security Compliance Project (YAML)
- awesome-stars - usnistgov/macos_security - macOS Security Compliance Project (zsh)
README
image::templates/images/mscp_banner_outline.png[]
// settings:
:idprefix:
:idseparator: -
ifndef::env-github[:icons: font]
ifdef::env-github[]
:status:
//:outfilesuffix: .adoc
:caution-caption: :fire:
:important-caption: :exclamation:
:note-caption: :paperclip:
:tip-caption: :bulb:
:warning-caption: :warning:
endif::[]
:uri-org: https://github.com/usnistgov
:uri-repo: {uri-org}/macos_security
ifdef::status[]
image:https://badgen.net/badge/icon/apple?icon=apple&label[link="https://www.apple.com/"]
image:https://badgen.net/badge/icon/14.0?icon=apple&label[link="https://www.apple.com/macos"]
endif::[]
IMPORTANT: We recommend working off of one of the OS branches, rather than the `main` branch.
The macOS Security Compliance Project is an link:LICENSE.md[open source] effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, _Security and Privacy Controls for Information Systems and Organizations_, Revision 5. This is a joint project of federal operational IT Security staff from the National Institute of Standards and Technology (NIST), National Aeronautics and Space Administration (NASA), Defense Information Systems Agency (DISA), and Los Alamos National Laboratory (LANL).
This project is the technical implementation of NIST Special Publication, 800-219 https://csrc.nist.gov/publications/detail/sp/800-219/final[Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)]. NIST Special Publication 800-219 is the official guidance from for automated secure configuration for macOS.
Apple acknowledges the macOS Security Compliance Project with information on their https://support.apple.com/guide/certifications/macos-security-compliance-project-apc322685bb2/web[Platform Certifications] page.
This project can be used as a resource to easily create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to the compliance requirements defined in NIST SP 800-53 (Rev. 5). It can also be used to develop customized guidance to meet the particular cybersecurity needs of any organization.
To learn more about the project, please see the {uri-repo}/wiki[wiki].
If you are interested in supporting the development of the project, refer to the link:CONTRIBUTING.adoc[contributor guidance] for more information.
== Usage
Civilian agencies are to use the National Checklist Program as required by https://csrc.nist.gov/publications/detail/sp/800-70/rev-4/final[NIST 800-70].
[NOTE]
====
Part 39 of the Federal Acquisition Regulations, section 39.101 paragraph (c) states, “In acquiring information technology, agencies shall include the appropriate information technology security policies and requirements, including use of common security configurations available from the National Institute of Standards and Technology’s website at https://checklists.nist.gov. Agency contracting officers should consult with the requiring official to ensure the appropriate standards are incorporated.”
====
== Authors
[width="100%",cols="1,1"]
|===
|Bob Gendler|NIST
|Allen Golbig|Jamf
|Dan Brodjieski|NASA
|John Mahlman IV|Leidos
|Jason Blake|NIST
|Blair Heiserman|NIST
|Joshua Glemza|NASA
|Elyse Anderson|NASA
|Gary Gapinski|NASA
|===
== Changelog
Refer to the link:CHANGELOG.adoc[CHANGELOG] for a complete list of changes.
== NIST Disclaimer
Any identification of commercial or open-source software in this document is done so purely in order to specify the methodology adequately. Such identification is not intended to imply recommendation or endorsement by the National Institute of Standards and Technology, nor is it intended to imply that the software identified are necessarily the best available for the purpose.