Date: [DATE] | Hostname: MacBook-Pro | macOS Version: XX.X.X | Script Version: 1.0.0

- CHECK: macOS version
- ℹ️ INFO: macOS XX.X.X (Build: XXXXXXX)
- CHECK: OS install/setup date
- ℹ️ INFO: Setup completed: [REDACTED]
- CHECK: User accounts (UID >= 500)
- ✅ PASS: System service account: com.malwarebytes.mbam.nobody (UID: 1000)
- ℹ️ INFO: Human account found: user (UID: 501) — verify this is expected
- CHECK: Admin group membership
- ℹ️ INFO: Admin members: root user
- ✅ PASS: Admin group looks normal: root user
- CHECK: System Integrity Protection (SIP)
- ✅ PASS: SIP is enabled
- CHECK: Gatekeeper
- ✅ PASS: Gatekeeper is enabled
- CHECK: FileVault disk encryption
- ✅ PASS: FileVault is On
- CHECK: Application Firewall
- ✅ PASS: Firewall is enabled
- CHECK: Remote Login (SSH)
- ✅ PASS: Remote Login is Off
- CHECK: System LaunchAgents (/Library/LaunchAgents)
- ✅ PASS: com.vendor1.app.agent.plist
- ✅ PASS: com.vendor2.updater.login.check.plist
- ✅ PASS: com.vendor2.updater.plist
- CHECK: System LaunchDaemons (/Library/LaunchDaemons)
- ✅ PASS: com.vendor3.tool1.plist
- ✅ PASS: com.vendor3.tool2.plist
- ✅ PASS: com.vendor1.app.protection.daemon.plist
- ✅ PASS: com.vendor1.app.settings.daemon.plist
- ✅ PASS: org.vendor4.permission.plist
- ✅ PASS: com.vendor2.daemon.plist
- CHECK: User LaunchAgents (~/Library/LaunchAgents)
- ✅ PASS: No user LaunchAgents found
- CHECK: StartupItems (legacy)
- ✅ PASS: StartupItems is empty
- CHECK: Cron jobs
- ✅ PASS: No cron jobs found
- CHECK: PrivilegedHelperTools
- ✅ PASS: com.vendor1.tool1 — Team: XXXXXXXXXX
- ✅ PASS: com.vendor1.tool2 — Team: XXXXXXXXXX
- ✅ PASS: com.vendor2.tool1 — Team: YYYYYYYYYY
- CHECK: Sudoers file integrity
- ✅ PASS: No NOPASSWD entries in sudoers
- CHECK: Sudoers drop-in directory
- ✅ PASS: sudoers.d is empty
- CHECK: SSH authorized_keys
- ✅ PASS: No SSH authorized_keys found
- ✅ PASS: No root SSH authorized_keys
- CHECK: Hosts file integrity
- ✅ PASS: Hosts file is clean — default entries only
- CHECK: DNS configuration
- ✅ PASS: Local/router DNS: fe80::xxxx:xxxx:xxxx:xxxx%en0
- ✅ PASS: Local/router DNS: 192.168.x.1
- CHECK: Proxy configuration
- ✅ PASS: No proxy configured
- CHECK: Unexpected listening ports
- ✅ PASS: No unexpected listeners found
- CHECK: Third-party kernel extensions
- ✅ PASS: No third-party kernel extensions loaded
- CHECK: Gatekeeper assessment of installed apps
- ✅ PASS: All apps in /Applications passed Gatekeeper
- CHECK: Homebrew installation
- ℹ️ INFO: Homebrew is installed
- CHECK: Homebrew security audit
- ✅ PASS: Homebrew audit returned no issues
- CHECK: World-writable files in /usr/local
- ✅ PASS: No world-writable files in /usr/local
- CHECK: SUID binaries (non-standard)
- ✅ PASS: All SUID binaries are standard macOS binaries
- CHECK: Suspicious files in /tmp
- ✅ PASS: /tmp looks clean
- CHECK: Unexpected hidden files in home directory
- ✅ PASS: No unexpected hidden files in home directory

| Metric | Value |
|---|---|
| Total Issues Found | 0 |
| Fixes Applied | 1 (VPN remnants removed pre-audit) |
| Audit Date | [DATE] |
| macOS Version | XX.X.X |
| Hostname | MacBook-Pro |

Result: ✅ All checks passed — excellent security posture!

Generated by mac_security_audit.sh v1.0.0