A quick way to make your Mac a bit more secure is to use configuration profiles.
This repo contains configuration profiles for macOS 13 (Ventura) and the browsers Chrome and Safari which are based on the corresponding CIS Benchmarks:
| Software | CIS Benchmark | Version |
|---|---|---|
| macOS 13 (Ventura) | CIS Apple macOS 13.0 Ventura Benchmark | v1.0.0 - 11-14-2022 |
| macOS Safari | CIS macOS Safari Benchmark | v2.0.0 - 11-28-2017 |
| Google Chrome | CIS Google Chrome Benchmark | v2.1.0 - 12-21-2021 |
The Benchmarks are coming with two profile definitions:
Level 1: Items in this profile intend to:
- be practical and prudent;
- provide a clear security benefit; and
- not inhibit the utility of the technology beyond acceptable means.
Level 2: This profile extens the "Level 1" profile. Items in this profile exhibit one or more of the following charactteristics:
- are intended for environments or use cases where security is paramount.
- acts as defense in depth measure.
- may negatively inhibit the utility or performance of the technology.
-
Copy the hardening profiles you want to use onto your Mac.
-
Open your system settings and search for "profile".
-
Add your desired hardening profile by clicking on the "+" and selecting the corresponding file.
-
Copy the hardening profiles you want to use onto your MAc.
-
Open a terminal window and use the
sudo profiles -I <profile-file.mobileconfig>command.
Apple Support - How to use configuration profiles
CIS Apple macOS 13.0 Ventura Benchmark
Do you want to contribute? That’s great! Contributions are always welcome, no matter how large or small. If you found something odd, feel free to submit a new issue, improve the code by creating a pull request, or by sponsoring this project.