macos_security

macOS Security Compliance Project
授权协议 View license
开发语言 SHELL
所属分类 应用工具、 终端/远程登录
软件类型 开源软件
地区 不详
投 递 者 轩辕翰
操作系统 跨平台
开源组织
适用人群 未知
 软件概览

The macOS Security Compliance Project is an open source effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations, Revision 5. This is a joint project of federal operational IT Security staff from the National Institute of Standards and Technology (NIST), National Aeronautics and Space Administration (NASA), Defense Information Systems Agency (DISA), and Los Alamos National Laboratory (LANL).

This project can be used as a resource to easily create customized security baselines of technical security controls by leveraging a library of atomic actions which are mapped to the compliance requirements defined in NIST SP 800-53 (Rev. 5). It can also be used to develop customized guidance to meet the particular cybersecurity needs of any organization.

To learn more about the project, please see the wiki.

If you are interested in supporting the development of the project, refer to the contributor guidance for more information.

Usage

Civilian agencies are to use the National Checklist Program as required by NIST 800-70.

��

Part 39 of the Federal Acquisition Regulations, section 39.101 paragraph (c) states, “In acquiring information technology, agencies shall include the appropriate information technology security policies and requirements, including use of common security configurations available from the National Institute of Standards and Technology’s website at https://checklists.nist.gov. Agency contracting officers should consult with the requiring official to ensure the appropriate standards are incorporated.”

Authors

Bob Gendler

National Institute of Standards and Technology

Allen Golbig

National Aeronautics and Space Administration

Dan Brodjieski

Defense Information Systems Agency

Jason Blake

National Institute of Standards and Technology

Blair Heiserman

National Institute of Standards and Technology

Joshua Glemza

National Aeronautics and Space Administration

Elyse Anderson

National Aeronautics and Space Administration

Gary Gapinski

National Aeronautics and Space Administration

Changelog

Refer to the CHANGELOG for a complete list of changes.

NIST Disclaimer

Any identification of commercial or open-source software in this document is done so purely in order to specify the methodology adequately. Such identification is not intended to imply recommendation or endorsement by the National Institute of Standards and Technology, nor is it intended to imply that the software identified are necessarily the best available for the purpose.

  • 问题: Mac OS X APP在开发完成,上线的时候必须支持sandbox[https://blog.csdn.net/heroguo_jp/article/details/54862223] 当设置完成SandBox之后 发现,打开最近文件.txt 之后修改保存,当再次打开的时候发现不能 打开运行啦? 原因: Mac OS X系统为了保证系统的安全性采取啦安全保护机制。不允许你在没有文件流的的

  • 项目场景: 自己搭建 Maven 服务器,用于存放一些私有的java library 问题描述 提示:这里描述项目中遇到的问题: 由于使用了自签名证书,在mac上实际使用时报错,报错如下: Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.ce

  • 可以在Java运行时目录的security/java.policy文件中找到可以自由访问的系统属性名。 /Library/Java/JavaVirtualMachines/jdk1.8.0_201.jdk/Contents/Home/jre/lib/security 访问方式,例如: String userDir = System.getProperty("user.home");  

相关阅读

相关文章

相关问答

相关文档