-
Notifications
You must be signed in to change notification settings - Fork 206
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create macOS policies for SCA #331
Comments
2019-04-052019-04-04
2019-04-03
2019-04-02
2019-04-01
2019-03-29
|
According https://en.wikipedia.org/wiki/MacOS:
So maybe not all the policy files are going to be implemented. Maybe only 10.13, 10.12 and 10.11. |
The generic policy files are used for all the UNIX-like operating systems.
|
The subdirectories are named after the version of the Darwin kernel: - 15 for OSX 10.11 (Darwin 15) - 16 for macOS 10.12 (Darwin 16) - 17 for macOs 10.13 (Darwin 17)
Mainly because in MacOS, the paths for the web-related directories seem to be located in different places compared to Linux.
The subdirectories are named after the version of the Darwin kernel: - 15 for OSX 10.11 (Darwin 15) - 16 for macOS 10.12 (Darwin 16) - 17 for macOs 10.13 (Darwin 17)
Mainly because in MacOS, the paths for the web-related directories seem to be located in different places compared to Linux.
Currently, there are not available security policies for macOS. This is necessary to be able to perform SCA scans in that OS.
This issue attempts to develop SCA policies based on the CIS benchmarks for the multiple macOS versions available. It also depends on the possibility to create checks that read commands output, which is already developed here.
This is the list of available CIS benchmarks for macOS:
macOS 10.13 (High Sierra)
macOS 10.12 (Sierra)
macOS 10.11 (El Capitan)
macOS 10.10 (Yosemite)
macOS 10.9 (Mavericks)
macOS 10.8 (Mountain Lion)
This work has been already started at: 3.9-macos-yaml-policies
The text was updated successfully, but these errors were encountered: