U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

macOS Security APPLE-OS


NIST has traditionally published secure configuration guides for Apple operating systems, e.g., NIST SP 800-179. The macOS Security Compliance Project (mSCP) seeks to simplify the macOS security development cycle by reducing the amount of effort required to implement security baselines. This collaboration between federal organizations minimizes the duplicate effort that would be required to administer individual security baselines. Additionally, the secure baseline content provided is easily extensible by other parties to implement their own security requirements. The latest recommended baseline content is maintained and updated in support of macOS on the mSCP GitHub page.

The mSCP has an intended audience beyond just IT security professionals and developers. Its documentation-generating capabilities also support the needs of information security officers, auditors and policy authors. Additionally, the mSCP functionality can be employed by configuration assessment and management tool vendors.

NIST will no longer produce specific SP guidance documents for each macOS release but will continuously curate and update the guidance included in the mSCP to keep up with each macOS release version. Updates to SP 800-219 will be released as needed when there are substantial changes to the mSCP.


For the most up to date macOS security recommendations, please visit the mSCP GitHub page listed below, which is supported by SP-800-219, Apple Security Guidance: macOS Security Compliance Project.


Created August 31, 2016, Updated July 12, 2022