From 4e7fc52ecfc02460e4872a0c43a6cc4a04a4ba67 Mon Sep 17 00:00:00 2001 From: Bob Gendler Date: Mon, 26 Jul 2021 11:12:57 -0400 Subject: [PATCH 1/6] Update 800-171.yaml --- baselines/800-171.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/baselines/800-171.yaml b/baselines/800-171.yaml index 5ba76126..6be3f5df 100644 --- a/baselines/800-171.yaml +++ b/baselines/800-171.yaml @@ -1,7 +1,6 @@ title: "macOS 11: Security Configuration - NIST 800-171 Rev 2" description: | This guide describes the actions to take when securing a macOS 11 system against the 800-171 Rev 2 baseline. -profile: profile: - section: "authentication" rules: From 6aecb14006ed672159c3ef041a102f10ab01920a Mon Sep 17 00:00:00 2001 From: Dan Brodjieski Date: Thu, 21 Oct 2021 08:51:43 -0400 Subject: [PATCH 2/6] Fixed generate_mapping.py for authors --- scripts/generate_mapping.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/generate_mapping.py b/scripts/generate_mapping.py index e84a2f1e..d0ace219 100755 --- a/scripts/generate_mapping.py +++ b/scripts/generate_mapping.py @@ -233,9 +233,13 @@ tags: sysprefs.append(rule_id) continue - full_baseline = '''title: "macOS 11 (Big Sur): Security Configuration - {}" + full_baseline = '''title: "macOS 12 (Monterey): Security Configuration - {}" description: | - This guide describes the actions to take when securing a macOS 11 system against the {}. + This guide describes the actions to take when securing a macOS 12 system against the {}. +authors: | + |=== + |Name|Organization + |=== profile:'''.format(other_header,other_header) if len(audit) != 0: From 33d1b3fe2cf3c7ff689dabf19a02a4edd0137eae Mon Sep 17 00:00:00 2001 From: Bob Gendler Date: Wed, 16 Mar 2022 15:31:23 -0400 Subject: [PATCH 3/6] v8 to controls v8 fix for excel generation --- scripts/generate_guidance.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
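Review bot: `other_header` is interpolated with `.format()` straight into the double-quoted YAML `title:` scalar of the `full_baseline` template, so a header value containing a `"` or a backslash would produce a baseline file that fails to parse or parses to a different title. Where `other_header` comes from is not visible in this hunk, so it may already be constrained upstream. The OS name and version also remain literals in the template (`macOS 12 (Monterey)` and `macOS 12`), which is why the string had to be hand-edited from macOS 11; a module-level constant, plus `{0}` with a single argument instead of `.format(other_header,other_header)`, would keep the occurrences in step. The added `authors:` table contains only the `|Name|Organization` header row, so a comment above the assignment such as `# authors table is an empty placeholder; fill in before publishing the baseline` would make that intent explicit. The enclosing function starts and ends outside the hunk.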
diff --git a/scripts/generate_guidance.py b/scripts/generate_guidance.py index 6928976f..91a0b42a 100755 --- a/scripts/generate_guidance.py +++ b/scripts/generate_guidance.py @@ -1235,7 +1235,7 @@ def generate_xls(baseline_name, build_path, baseline_yaml): if title.lower() == "benchmark": sheet1.write(counter, 12, ref, topWrap) sheet1.col(12).width = 500 * 15 - if title.lower() == "v8": + if title.lower() == "controls v8": cis = (str(ref).strip('[]\'')) cis = cis.replace(", ", "\n") sheet1.write(counter, 13, cis, topWrap) From 06cc0d2614da5b6f478b6f1ff45b059bb7c6aa5a Mon Sep 17 00:00:00 2001 From: Bob Gendler Date: Wed, 16 Mar 2022 16:08:53 -0400 Subject: [PATCH 4/6] Date for Monterey Revision 2 Updated --- CHANGELOG.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.adoc b/CHANGELOG.adoc index cf1ac38d..a4dbf26f 100644 --- a/CHANGELOG.adoc +++ b/CHANGELOG.adoc @@ -2,7 +2,7 @@ This document provides a high-level view of the changes to the macOS Security Compliance Project. -== [Monterey, Revision 2] - 2022-03-XX +== [Monterey, Revision 2] - 2022-03-16 * Rules ** Added Rules From 45ae819ef2808224189991d396b224316ea13f24 Mon Sep 17 00:00:00 2001 From: Bob Gendler Date: Thu, 20 Oct 2022 13:54:57 -0400 Subject: [PATCH 5/6] Update README.adoc --- README.adoc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.adoc b/README.adoc index 0d8248cb..51e165cd 100644 --- a/README.adoc +++ b/README.adoc 
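Review bot: The test `title.lower() == "controls v8"` is still an exact match against a literal, so if the reference key is renamed again the `cis` value is never written to column 13 and the spreadsheet is produced without that mapping and without any error, which appears to be the failure this commit corrects. In a compliance artefact a missing mapping column is easy to overlook; a comment above the test, e.g. `# must match the reference key name exactly; a mismatch leaves column 13 empty`, or a warning when no key matched, would make the dependency visible. On the context line below it, `str(ref).strip('[]\'')` strips quotes only at the two ends, so if `ref` is a list with several string items the inner quotes survive the `replace(", ", "\n")`. `cis = "\n".join(str(r) for r in ref)` would avoid that, assuming `ref` is a list (its type is not visible here). `generate_xls` begins and continues outside the hunk.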
@@ -21,6 +21,8 @@ image:https://badgen.net/badge/icon/apple?icon=apple&label[link="https://www.app image:https://badgen.net/badge/icon/13.0?icon=apple&label[link="https://www.apple.com/macos"] endif::[] +IMPORTANT: We recommend working off of one of the OS branches, rather than the `main` branch. + The macOS Security Compliance Project is an link:LICENSE.md[open source] effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, _Security and Privacy Controls for Information Systems and Organizations_, Revision 5. This is a joint project of federal operational IT Security staff from the National Institute of Standards and Technology (NIST), National Aeronautics and Space Administration (NASA), Defense Information Systems Agency (DISA), and Los Alamos National Laboratory (LANL). This project is the technical implementation of NIST Special Publication, 800-219 https://csrc.nist.gov/publications/detail/sp/800-219/final[Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)]. NIST Special Publication 800-219 is the official guidance from for automated secure configuration for macOS. From 8e7336ae2ababacac2b0a0d2028484a280130340 Mon Sep 17 00:00:00 2001 From: Preston Kemp Date: Sat, 15 Apr 2023 09:19:26 -0400 Subject: [PATCH 6/6] Updated link for Apple Platform Certifications site Update link to point to Apple Platform Certifications website, SCCC no longer exists. --- README.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.adoc b/README.adoc index 51e165cd..8bc5f2e0 100644 --- a/README.adoc +++ b/README.adoc 
@@ -27,7 +27,7 @@ The macOS Security Compliance Project is an link:LICENSE.md[open source] effort This project is the technical implementation of NIST Special Publication, 800-219 https://csrc.nist.gov/publications/detail/sp/800-219/final[Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)]. NIST Special Publication 800-219 is the official guidance from for automated secure configuration for macOS. -Apple acknowledges the macOS Security Compliance Project with information on their https://support.apple.com/guide/sccc/macos-security-compliance-project-sccc22685bb2/web[Security Certifications and Compliance Center] page. +Apple acknowledges the macOS Security Compliance Project with information on their https://support.apple.com/guide/certifications/macos-security-compliance-project-apc322685bb2/web[Platform Certifications] page. This project can be used as a resource to easily create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to the compliance requirements defined in NIST SP 800-53 (Rev. 5). It can also be used to develop customized guidance to meet the particular cybersecurity needs of any organization.