Skip to main content
Solved

macos security compliance through jamf

  • October 16, 2023
  • 4 replies
  • 81 views
J
Forum|alt.badge.img+3

Hello Jamf Nation,

 

I am trying to implement the nist macos security compliance project into our organization devices, https://github.com/usnistgov/macos_security .  

I have read through the wiki and it keeps saying in each page that: 

We recommend working off of one of the OS branches, rather than the main branch

 

I am wondering how can i generate the script and configuration profiles and put them in jamf while we have different mac os versions, i.e. ventura, monterey, sonama.

 

I hope i am expressing my self clear. Please any guidance on that? 

 

Thank you,

 

Best answer by Hugonaut

@jalhathanaya 

Jamf has worked with the NIST git & created this tool - https://trusted.jamf.com/docs/establishing-compliance-baselines

 

You can download the tool, select the compliance level regarding cis/nist/etc & then upload the scripts, configs, etc, directly to your jamf pro server from the jamf compliance editor application.

    4 replies

    Hugonaut
    Forum|alt.badge.img+15
    • Hugonaut
    • Esteemed Contributor
    • Answer
    • October 16, 2023

    @jalhathanaya 

    Jamf has worked with the NIST git & created this tool - https://trusted.jamf.com/docs/establishing-compliance-baselines

     

    You can download the tool, select the compliance level regarding cis/nist/etc & then upload the scripts, configs, etc, directly to your jamf pro server from the jamf compliance editor application.

    Looking for a Jamf Managed Service Provider? Look no further than Rocketman Tech! Virtual MacAdmins Monthly Meetup - First Friday, Every Month
    Tonyyoung
    J
    KandjiSoBad
    Tonyyoung
    Forum|alt.badge.img+8
    • Tonyyoung
    • Contributor
    • October 16, 2023

    @jalhathanaya 

    Jamf has worked with the NIST git & created this tool - https://trusted.jamf.com/docs/establishing-compliance-baselines

     

    You can download the tool, select the compliance level regarding cis/nist/etc & then upload the scripts, configs, etc, directly to your jamf pro server from the jamf compliance editor application.


    Seconding @Hugonaut here.
    The Jamf Compliance Editor tool is your best friend in this situation. You can build your projects per OS, and the application can upload everything to Jamf on your behalf. It's a great time saver.

    J
    J
    Forum|alt.badge.img+3
    • jalhathanaya
    • Author
    • New Contributor
    • October 17, 2023

    Seconding @Hugonaut here.
    The Jamf Compliance Editor tool is your best friend in this situation. You can build your projects per OS, and the application can upload everything to Jamf on your behalf. It's a great time saver.


    so i can build the same project for sonoma, monterey and ventura? 

    D
    Forum|alt.badge.img
    • DVN
    • New Contributor
    • June 20, 2024

    so i can build the same project for sonoma, monterey and ventura? 


    Yes it states that it supports Sonoma:
    "Jamf Compliance Editor application version 1.2.1 and higher supports macOS Sonoma."

    Here's the link to the page. It's at the bottom under "Support".
    https://trusted.jamf.com/docs/establishing-compliance-baselines

    Terms & ConditionsCookie settingsAccessibility statement