NIST has released the final version of Special Publication (SP) 800-219, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP). This document explores mSCP resources that system administrators, security professionals, security policy authors, information security officers, and auditors can leverage to secure and assess macOS desktop and laptop system security in an automated way.
This publication also introduces the mSCP, describes use cases for leveraging the mSCP content, and gives an overview of the resources available on the project’s GitHub site. The GitHub site provides practical, actionable recommendations in the form of secure baselines and associated rules, and it is continuously curated and updated to support each new release of macOS.
With the final release of SP 800-219, NIST is formally deprecating SP 800-179 and Draft SP 800-179 Revision 1 on securing Apple OS X 10.10 systems and macOS 10.12 systems, respectively. Their applicable recommendations have already been added to corresponding mSCP baselines.