In an effort to bolster security for macOS users, ThreatLocker has introduced its Defense Against Configurations (DAC), currently in beta. This new feature targets common misconfigurations that jeopardize organizational safety, making them visible and actionable.
Enhancing macOS Security Against Admin Errors
Configuration oversights pose significant risks, even in security-conscious organizations. Loose app permissions and outdated protocols, such as SMB version one, provide pathways for attackers. DAC strives to close these gaps before they result in security incidents.
Key Features of DAC for macOS
- Regular scanning of up to four times a day through the existing ThreatLocker agent.
- Identification of high-value controls, including:
- Disk encryption status with FileVault
- Built-in firewall status
- Sharing and remote access settings
- Local administrator accounts and memberships
- Automatic update settings
- Gatekeeper and app source controls
- Security and privacy preferences to mitigate attack surface
- categorized findings by endpoint to streamline remediation.
- Mapping to major frameworks such as CIS, NIST, ISO 27001, and HIPAA.
The Importance of Configuration Visibility
Design companies and media studios often rely on Macs due to their performance advantages. However, until now, visibility into configuration issues lagged behind that of Windows. DAC equips these teams with the insights necessary to identify vulnerabilities like unencrypted drives or disabled firewalls, fortifying their defenses against potential attacks.
This beta release of DAC is significant not only for macOS coverage but also for enabling IT and security teams to understand their security posture. Findings related to compliance connect directly to ThreatLocker policies, facilitating necessary fixes and ensuring alignment with security frameworks and insurance requirements.
Ultimately, the introduction of DAC serves as a gateway to more robust control over organizational security configurations. ThreatLocker aims to enhance overall safety and peace of mind for macOS users, making security management simpler and more effective.
