macSentry Beta Has Concluded

Name: macSentry
Rating: 5 (1 reviews)
Author: macSentry

Thank you to everyone who participated in the macSentry beta program. The beta testing phase has now ended and downloads are no longer available.

We appreciate your feedback and support.

Terminal — macsentry

$ macsentry

╭─────────────────────────────────────────╮
│  macSentry v2.0.0                      │
│  Security Audit for macOS               │
╰─────────────────────────────────────────╯

ℹ Running 39 security checks...

CRITICAL ISSUES (2)
✗ FileVault encryption is disabled
✗ Firewall is not enabled

WARNINGS (3)
! SSH remote login enabled
! Automatic login is enabled  
! Screen lock delay > 5 minutes

PASSED (34)
✓ System Integrity Protection enabled
✓ Gatekeeper enabled
✓ XProtect up to date
  ... and 31 more checks passed

───────────────────────────────────────────
Completed in 28.4s | 2 critical · 3 warnings · 34 passed

See macSentry in Action

Watch a real security audit in under 60 seconds. No editing, no tricks—just actual output.

Terminal — macsentry demo

$ macsentry

Real Audit Results

91.9% Pass Rate

From a real macOS Sequoia audit

✓ 34 Passed

! 2 Warnings

✗ 1 Critical

Completed in 28.4s

The macSentry Beta Has Ended

Thank you to all beta testers for your valuable feedback.

Why Your Mac Needs a Security Audit

macOS has excellent security foundations, but misconfigurations happen. Here's why most solutions fall short.

Jamf Requires MDM Infrastructure You Don't Have

$3-15/device/month, agent install, APNS certificates, MDM profiles. Viable at 50+ devices. Absurd overhead for your 3 laptops.

You Haven't Checked SIP in 6 Months

You know FileVault should be on. You know SSH shouldn't accept passwords. You know you should check. But you haven't. Nobody does.

Malware Scanners Don't Check System Configuration

ClamAV won't tell you Gatekeeper is disabled. BitDefender doesn't care if your firewall is off. They scan files. They ignore the system layer.

Mac Security Monitoring That Never Sleeps

Set it once and let macSentry keep watch. Automated, thorough, and completely transparent.

39 Security Checks Across 8 Categories

Encryption (FileVault, external volumes), system integrity (SIP, Gatekeeper, XProtect), network (firewall, SSH, screen sharing), authentication (auto-login, sudo timeout), privacy (TCC database queries), applications (codesign entitlements, quarantine).

launchd Native Scheduling

No cron job hacks. Standard macOS LaunchAgent that respects RunAtLoad and StartCalendarInterval. Logs to ~/Library/Logs/. Uninstalls cleanly.

Exit Codes for CI/CD Integration

0 = passed, 1 = warnings, 2 = critical issues found, 3 = execution error. Pipe JSON output to your monitoring stack. Use it in pre-deployment checks.

Zero Network Requests

All checks use local binaries: fdesetup, spctl, csrutil, defaults, sqlite3. No analytics. No crash reporting. No "usage statistics". Read the source—every subprocess call is documented.

Fast & Lightweight

Full audit completes in ~60 seconds. No heavy agents or background processes hogging your system resources.

Open Source

MIT licensed. ~2,000 lines of Python. Fork it, modify it, sell it if you want. Read every subprocess call. No proprietary black boxes.

MIT licensed. Open source. The beta has concluded.

What Actually Gets Checked

Developers want to know exactly what runs before they execute it. Here's every check with the actual commands.

System Integrity (7 checks)

System Integrity Protection enabled (csrutil status)
Gatekeeper app validation active (spctl --status)
XProtect definitions fresh (<30 days since update)
Malware Removal Tool current
Pending OS security updates (softwareupdate -l)
Secure Boot configuration (Apple Silicon)
Signed system volume (Apple Silicon)

Encryption (3 checks)

FileVault full-disk encryption (fdesetup status)
External volume encryption (diskutil apfs list)
Time Machine backup encryption

Network Security (6 checks)

Application firewall enabled and configured
Firewall stealth mode active (no ICMP responses)
SSH remote login disabled or key-only
Screen sharing disabled
Remote management/ARD disabled
AirDrop/AirPlay receiver discoverability

Authentication (5 checks)

Automatic login disabled (defaults read /Library/Preferences/com.apple.loginwindow)
Guest account disabled
Screen saver password delay ≤5 minutes
Password policy enforced (pwpolicy)
Sudo timeout configured (not infinite)

Privacy & Permissions (8 checks)

Full Disk Access grants (query TCC.db)
Camera permissions (third-party apps)
Microphone permissions
Screen recording permissions
Accessibility API access
Location services access
Contacts access
Calendar access

Applications (4 checks)

Dangerous app entitlements (get-task-allow, disable-library-validation)
Unsigned applications in /Applications
Quarantine enforcement active (defaults read LSQuarantine)
Safari security settings

System Configuration (4 checks)

Analytics/diagnostics sharing disabled
Crash report auto-submission disabled
Find My Mac enabled
MDM enrollment status

macSentry Beta Program Has Ended

The macSentry beta testing phase has concluded. Downloads are no longer available. Thank you to everyone who participated and provided feedback during the beta period.

Beta Program Status

The macSentry beta program has concluded. We are grateful to all participants who helped test and improve the application during the beta phase.

Works on Your Mac

Full support for modern macOS versions. Intel and Apple Silicon.

🏔️

Tahoe

macOS 26

🏜️

Sequoia

macOS 15

🎵

Sonoma

macOS 14

🌊

Ventura

macOS 13

Apple Silicon (M1/M2/M3/M4)

Intel x86_64

See What You're Missing

Real output from a macSentry audit. Clear categories, actionable findings.

Terminal — macsentry --verbose

$ macsentry --verbose

╭─────────────────────────────────────────────────────────╮
│  macSentry v2.0.0                                      │
│  Comprehensive Security Audit for macOS                 │
╰─────────────────────────────────────────────────────────╯

System: macOS 15.1 (Sequoia) on MacBook Pro (M3 Pro)
Started: 2024-12-06 14:32:18

ℹ Running 39 security checks across 8 categories...

━━━ ENCRYPTION & DATA PROTECTION ━━━
✗ FileVault Encryption
  Status: Disabled
  Fix: sudo fdesetup enable

✓ Secure Boot — Full Security
✓ Signed System Volume — Enabled

━━━ SYSTEM PROTECTION ━━━
✓ System Integrity Protection — Enabled
✓ Gatekeeper — App Store and identified developers
✓ XProtect — Version 5198 (up to date)
✓ MRT (Malware Removal Tool) — Enabled

━━━ NETWORK SECURITY ━━━
✗ Application Firewall
  Status: Disabled
  Fix: sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on

! SSH Remote Login
  Status: Enabled (potential risk if not needed)
  Fix: sudo systemsetup -setremotelogin off

✓ Stealth Mode — Enabled

━━━ AUTHENTICATION ━━━
! Automatic Login
  Status: Enabled for user 'admin'
  Fix: System Settings → Users & Groups → Automatic login: Off

! Screen Lock Delay
  Status: 15 minutes (recommended: ≤5 minutes)
  Fix: System Settings → Lock Screen → Require password: Immediately

✓ Password Hints — Disabled
✓ Guest Account — Disabled

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

SUMMARY
● Critical Issues: 2
● Warnings: 3
● Passed Checks: 34

Completed in 28.4 seconds
Full report saved to: ~/.macsentry/reports/2024-12-06.json

ℹ Run macsentry --verbose for detailed check output

39 Security Checks

Comprehensive coverage across 8 security categories. Filter and explore all checks below.

Check Name	Category	Severity	Description
FileVault Encryption	Encryption	Critical	Verifies full-disk encryption is enabled via FileVault 2
Secure Boot	Encryption	High	Checks Secure Boot is set to Full Security mode
Signed System Volume	Encryption	High	Ensures the system volume has cryptographic integrity
System Integrity Protection	System	Critical	Verifies SIP is enabled to protect system files
Gatekeeper	System	Critical	Ensures only signed apps from identified developers can run
XProtect Status	System	High	Checks Apple's built-in malware scanner is enabled and up to date
MRT (Malware Removal Tool)	System	Medium	Verifies the Malware Removal Tool is active
Automatic Updates	System	High	Ensures automatic security updates are enabled
App Update Check	System	Medium	Verifies automatic App Store updates are enabled
Application Firewall	Network	Critical	Checks the built-in application firewall is enabled
Stealth Mode	Network	Medium	Verifies firewall stealth mode to ignore ping requests
SSH Remote Login	Network	High	Checks if SSH remote login is disabled (unless needed)
Remote Apple Events	Network	Medium	Ensures remote Apple Events are disabled
Remote Management	Network	High	Verifies remote management (ARD) is not enabled
Content Caching	Network	Low	Checks content caching status and configuration
Automatic Login	Auth	Critical	Ensures automatic login is disabled
Screen Lock Delay	Auth	High	Verifies screen lock activates within 5 minutes
Password Hints	Auth	Medium	Checks that password hints are disabled
Guest Account	Auth	High	Ensures guest account is disabled
Root User Status	Auth	High	Verifies root user is disabled
Sudo Timeout	Auth	Medium	Checks sudo session timeout is appropriately configured
Password Policy	Auth	Medium	Verifies password complexity requirements
Location Services	Privacy	Low	Reviews location services configuration
Analytics Sharing	Privacy	Low	Checks if analytics data sharing is enabled
Ad Tracking	Privacy	Low	Verifies personalized ad tracking is limited
Safari Privacy	Privacy	Medium	Reviews Safari privacy and tracking settings
Siri Data Sharing	Privacy	Low	Checks Siri audio recording and analysis settings
Spotlight Suggestions	Privacy	Low	Verifies Spotlight web suggestions are configured
App Notarization	Apps	High	Checks for non-notarized applications
Developer Tools	Apps	Medium	Reviews developer tool access permissions
Accessibility Permissions	Apps	Medium	Audits apps with accessibility API access
Full Disk Access	Apps	High	Reviews apps granted full disk access
Screen Recording	Apps	Medium	Audits apps with screen recording permissions
Input Monitoring	Apps	High	Checks for apps monitoring keyboard/mouse input
Camera Access	Apps	Medium	Reviews apps with camera access permissions
Microphone Access	Apps	Medium	Reviews apps with microphone access permissions

Showing 39 of 39 checks

Why Trust macSentry?

Transparent, auditable, and built with your privacy in mind.

No Data Collection 100% local processing

Open Source Fully auditable code

MIT License Free forever

Latest Release v2.0.0 Updated Dec 2025

Beta Concluded

★ Stars

How macSentry Compares

Feature	macSentry	Lynis	Enterprise MDM Jamf, Kandji, Mosyle
Price	Free	Free / $$ Enterprise	$3-15/device/mo
macOS Native	✓	~ Linux-focused	✓
Security Checks	39 macOS specific	200+ (mostly Linux)	Varies by vendor
Scheduled Monitoring	✓ launchd native	~ Manual cron	✓
Privacy	✓ 100% local	✓ Local	✗ Cloud-based
Setup Time	< 1 minute	5-10 minutes	Hours to days
MDM Infrastructure	✓ Not required	✓ Not required	✗ Required
Open Source	✓ MIT License	✓ GPL v3	✗ Proprietary
Sudo Required	~ 10% of checks	✓ Most checks	N/A (agent-based)
TCC Permission Checks	✓ SQLite queries	✗	✓ Via MDM API
App Entitlement Scanning	✓ codesign analysis	✗	~ Limited
Detection Engine	Python (auditable)	Shell (auditable)	Proprietary
Best For	Individuals & small teams	Linux admins, compliance	Large enterprises

The beta program has concluded. Thank you for your interest in macSentry.

Thank You for Being Part of the Beta

The macSentry beta program has concluded.

We appreciate everyone who participated in testing and providing feedback.