Skip to content

FAQ

Every year, Apple releases a new version of macOS. Traditionally, security professionals and administrators spend months waiting for the release of an official security baseline. By creating an open source, community-driven method for generating baselines for new macOS versions, we can dramatically reduce the time to release and improve security for everyone.


How can I contribute, ask questions, or report bugs?

Section titled “How can I contribute, ask questions, or report bugs?”

We encourage everyone to participate!

  • Open an issue on our GitHub repository to:
    • Ask questions
    • Report bugs or problems
    • Suggest new features or improvements
    • Start or join discussions and decisions about the project

Your feedback and contributions help make the project better for all Mac Admins.


Why use a command line based approach when a configuration profile is available?

Section titled “Why use a command line based approach when a configuration profile is available?”

Some configuration profiles are set once and do not enforce the setting continuously. The only way to reliably validate and enforce certain settings is through a command line based approach, which allows for ongoing compliance checks and remediation.


Is a Mac management system (MDM) required to implement the controls defined in the YAML?

Section titled “Is a Mac management system (MDM) required to implement the controls defined in the YAML?”

No, an MDM is not strictly required to implement all controls. However, as macOS evolves, Apple is making it increasingly clear that an MDM server will be necessary to properly secure and manage macOS devices in enterprise environments.


Where can I find more help or documentation?

Section titled “Where can I find more help or documentation?”

How do I stay up to date with project changes?

Section titled “How do I stay up to date with project changes?”