Skip to content

osifu/macos_security

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

420 Commits
.github/ISSUE_TEMPLATE
.github/ISSUE_TEMPLATE
 
 
SCAP
SCAP
 
 
baselines
baselines
 
 
build
build
 
 
custom
custom
 
 
includes
includes
 
 
rules
rules
 
 
scripts
scripts
 
 
sections
sections
 
 
templates
templates
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
CHANGELOG.adoc
CHANGELOG.adoc
 
 
CONTRIBUTING.adoc
CONTRIBUTING.adoc
 
 
Gemfile
Gemfile
 
 
LICENSE.md
LICENSE.md
 
 
README.adoc
README.adoc
 
 
VERSION.yaml
VERSION.yaml
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

mscp banner outline

apple?icon=apple&label 11

The macOS Security Compliance Project is an open source effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations, Revision 5. This is a joint project of federal operational IT Security staff from the National Institute of Standards and Technology (NIST), National Aeronautics and Space Administration (NASA), Defense Information Systems Agency (DISA), and Los Alamos National Laboratory (LANL).

This project can be used as a resource to easily create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to the compliance requirements defined in NIST SP 800-53 (Rev. 5). It can also be used to develop customized guidance to meet the particular cybersecurity needs of any organization.

To learn more about the project, please see the wiki.

If you are interested in supporting the development of the project, refer to the contributor guidance for more information.

Usage

Civilian agencies are to use the National Checklist Program as required by NIST 800-70.

📎

Part 39 of the Federal Acquisition Regulations, section 39.101 paragraph (c) states, “In acquiring information technology, agencies shall include the appropriate information technology security policies and requirements, including use of common security configurations available from the National Institute of Standards and Technology’s website at https://checklists.nist.gov. Agency contracting officers should consult with the requiring official to ensure the appropriate standards are incorporated.”

Authors

Bob Gendler

National Institute of Standards and Technology

Allen Golbig

National Aeronautics and Space Administration

Dan Brodjieski

Defense Information Systems Agency

Jason Blake

National Institute of Standards and Technology

Blair Heiserman

National Institute of Standards and Technology

Joshua Glemza

National Aeronautics and Space Administration

Elyse Anderson

National Aeronautics and Space Administration

Gary Gapinski

National Aeronautics and Space Administration

Changelog

Refer to the CHANGELOG for a complete list of changes.

NIST Disclaimer

Any identification of commercial or open-source software in this document is done so purely in order to specify the methodology adequately. Such identification is not intended to imply recommendation or endorsement by the National Institute of Standards and Technology, nor is it intended to imply that the software identified are necessarily the best available for the purpose.

About

macOS Security Compliance Project

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

8 tags

Packages

No packages published

Languages

  • YAML 55.4%
  • Python 26.1%
  • XSLT 12.2%
  • CSS 4.3%
  • AsciiDoc 1.1%
  • Shell 0.6%
  • Other 0.3%