Jamf Nation Community

I looked at it very fast and didn't see anything that was out of the ordinary, mostly the same CIS....

C

Well it is NIST.

At the end of the doc there is more of a chart that makes a little easy to read : )

I might need to eye-bleach, I couldn't get over the line numbering and just stopped scrolling.

This should do it:
optional image ALT text

In all honesty, while I appreciate the work that went into this, a "draft" of 10.10, when 10.12 is on its way is not very useful. CIS has increased their pace (disclaimer, I've contributed to the CIS benchmarks in the past), and is at least only a few months behind OS releases now... but CIS has their 10.11 benchmark published, and NIST has a draft of 10.10 out when 10.12 is dropping in a few months (and 10.10 likely will be deprecated)....

too little too late.

@Taylor.Armstrong

100% agree and thank you for contributed to the CIS benchmarks, the benchmarks make my job many times easier...

C

@gachowski My pleasure! Although the last one I had any significant amount of work on was 10.8 :( I'd encourage anyone with enough spare cycles to join the CIS group though - it is all volunteer, with a small "core" group and a larger group of people who drop in to test things as they're able, and the more people working on it, the faster they can go. Work is already getting started on Sierra, which is why I question the value of anything like a 10.10 document at this point. Between CIS and Casper, our goal now is to have a secure baseline and be rolling it out within 45 days of the CIS benchmark release, which means hopefully fully upgraded (and secured) within 5-6 months of the OS release.