Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST Releases New Guidance and Resources on macOS Security
June 24, 2022

NIST has released the final version of Special Publication (SP) 800-219, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP). This document explores mSCP resources that system administrators, security professionals, security policy authors, information security officers, and auditors can leverage to secure and assess macOS desktop and laptop system security in an automated way.

This publication also introduces the mSCP, describes use cases for leveraging the mSCP content, and gives an overview of the resources available on the project’s GitHub site. The GitHub site provides practical, actionable recommendations in the form of secure baselines and associated rules, and it is continuously curated and updated to support each new release of macOS.

With the final release of SP 800-219, NIST is formally deprecating SP 800-179 and Draft SP 800-179 Revision 1 on securing Apple OS X 10.10 systems and macOS 10.12 systems, respectively. Their applicable recommendations have already been added to corresponding mSCP baselines.

Parent Project

See: macOS Security

Related Topics

Security and Privacy: configuration management, controls assessment, security automation, security controls

Technologies: operating systems

Applications: enterprise

Created June 23, 2022, Updated June 24, 2022