Solved

Ventura whitelist app

  • January 19, 2023
  • 5 replies
  • 93 views


Hello,

Is there any way to block all apps except the chosen ones?
I saw on Apple Developer that whitelisted apps were deprecated (whitelistedAppBundleIDs, [string]), but the solution with allowListedAppBundleIDs didn't work for me.
In my case I need to push a policy to block everything except preinstalled apps and 5 chosen by IT.


AJPinto
  • Legendary Contributor
  • Answer
  • January 19, 2023

In my experience there are no good applications that do this for macOS. Your typical go-tos for Windows like Carbon Black, SentinelOne, and CyberArk do not reliably provide App Control on macOS, if they provide it at all.

This is a security problem, not a device management problem. I would tell the Security Division in your IT infrastructure that they need to find the solution they want to use to close the finding.

Jamf Pro has two options.

  • Application blacklisting (only use this to block what absolutely needs to be blocked)
  • A configuration profile to set Gatekeeper to only allow App Store apps to run (this is easily defeated, as Apple does not prevent a user from disabling Gatekeeper within the MDM framework)


sdagley
  • Jamf Heroes
  • January 19, 2023

@kdpk Take a look at Google's Santa project: https://github.com/google/santa  It supports application allow/deny


  • Author
  • New Contributor
  • January 20, 2023

I used your tips and set it to only allow App Store apps, then I blocked the App Store app. It's kind of a tricky way, but it works perfectly.

Thanks for the advice :D


AJPinto
  • Legendary Contributor
  • January 20, 2023


Woot, I am happy that worked.


mm2270
  • Legendary Contributor
  • September 19, 2025

I see this is an old thread, but I’m looking to see if anyone has ever been able to figure out a way to get the whitelistedAppBundleIDs setting in a configuration profile to work in macOS.

I’m in need of getting this working somehow for our environment. I’m using iMazingProfileEditor to test this out, but no matter what I do, I can’t get it to actually work for some reason.

If anyone has been able to do this, I’d love to get an idea on how you did it.