The macOS system must use an Endpoint Security Solution (ESS) and implement all DOD required modules.

STIG ID: APPL-13-000015  |  SRG: SRG-OS-000191-GPOS-00080 |  Severity: medium |  CCI: CCI-001233 |  Vulnerability Id: V-257152

Vulnerability Discussion

The macOS system must employ automated mechanisms to determine the state of system components. The DOD requires the installation and use of an approved ESS solution to be implemented on the operating system. For additional information, reference all applicable ESS OPORDs and FRAGOs on SIPRNet.

Check

Verify the macOS system is configured with an approved ESS solution.

If an approved ESS solution is not installed, this is a finding.

Verify that all installed components of the ESS solution are at the DOD-approved minimal version.

If the installed components are not at the DOD-approved minimal versions, this is a finding.

Fix

Configure the macOS system with an approved ESS solution and ensure that all components are at least updated to their DOD-approved minimal versions.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.