Getting Started
The macOS Security Compliance Project is developed and maintained on GitHub.
Each branch of the repository contains the rules and resources specific to a particular macOS version. To work with the project or run its workflows, there are some prerequisites you need to install first.
Prerequisites
Section titled “Prerequisites”Before you begin, ensure you have the following installed on your system:
- Git (optional, only needed if you want to clone the repository instead of downloading files directly from GitHub)
Download Git or use your system’s package manager (see note below). - Python 3 (required for running the project scripts and generating files)
Download Python or install via your package manager (see note below).- Python modules:
pyyaml
xlwt
- These can be installed using
pip
after Python is set up.
For example:Terminal window pip3 install pyyaml xlwt --user
- Python modules:
- Ruby (optional, only needed for working with certain documentation formats)
Download Ruby or install via your package manager (see note below).- Gems:
asciidoctor
asciidoctor-pdf
rouge
- These can be installed using
gem
orbundle
after Ruby is set up.
- Gems:
Downloading the Repository
Section titled “Downloading the Repository”You can obtain the project files in one of two ways:
-
Download directly from GitHub:
Visit the GitHub repository, select the branch that matches your target OS version (e.g.,
If you download the ZIP for the correct branch, you can skip to Working with Project Files.sequoia
) using the branch dropdown, then use the “Download ZIP” option.
OR
-
Clone using Git:
Terminal window git clone https://github.com/usnistgov/macos_security.gitcd macos_securityThen, continue below to select the correct branch.
Selecting the Correct Branch
Section titled “Selecting the Correct Branch”Before you begin working, select the repository branch that corresponds to the macOS version you intend to work with.
To switch to the appropriate branch:
git checkout sequoia
Working with Project Files
Section titled “Working with Project Files”All the files you will work with are located in the macos_security
folder. The contents of this folder are specific to the branch you have selected and include the tools and resources required to generate project outputs.
Within this folder, you can:
- Generate baselines
- Produce guidance documentation
- Create DDM and SCAP content
- Generate mappings and compliance scripts
- Make exemptions
- Customize and tailor the output content to your needs
For next steps, feel free to check out the Quick Guide for a quick overview, explore the Guides section of this website, or visit the project’s wiki.