Question

Security Analysis tool for Mac?

Forum|Forum|8 years ago
April 27, 2017
4 replies
28 views

+5

jnice22
Contributor

This probably isn't a Jamf question but I was just wondering if anyone knows a solid security analysis tool that will scan a mac for vulnerabilities? Something a little easier than nessus. Paid is fine.

I just want to run a scan on one of my locked down systems to make sure there isn't any glaring issues (before letting our security guys have at it)

CIS validation would be great...

I have looked around without much luck. I remember using macanalysis a long time ago and it was great.

Thanks,
Jasen

A

+8

al_platt
Contributor
Forum|Forum|8 years ago
April 28, 2017

Depends what you're looking to scan. Try some of Patrick Wardles tools https://objective-see.com/products.html

Lockdown will run through a security build review (kinda)

The rest run in the background to scan for malware etc

Like

B

+5

bainter
Contributor
Forum|Forum|8 years ago
April 28, 2017

Don't know if this is an appropriate route, but we use CISCAT in a government agency. Requires membership.

[https://benchmarks.cisecurity.org/downloads/](link URL)

Scans to check settings against selectable CIS benchmarks. It's not 100% accurate--there are some settings it doesn't accurately rate in our environment for some reason--but fairly close.

Like

J

+5

jnice22
Author
Contributor
Forum|Forum|8 years ago
April 28, 2017

Thanks! There does appear to be a shortage of tools for remediating security on the Mac. I might need to start a project.

@al_platt Thanks! Lockdown looks like it will be very helpful.

@bainter I will give that a try as well. We should have a membership. I've had fun with recommendations from CIS. Getting everything to work is a chore. It appears that if you have rules applied by policy they are not always caught.