macOS Security Audit & Continuous Mac Security Monitoring

Automated auditing that catches misconfigurations before they become breaches. 37+ checks. Open source. Privacy-first.

brew install macsentry/tap/macsentry

No signup required. One command. Done.

Install Now — Free View on GitHub
Terminal — macsentry 
$ macsentry

╭─────────────────────────────────────────╮
   v1.0.0                      
  Security Audit for macOS               
╰─────────────────────────────────────────╯

 Running 37 security checks...

CRITICAL ISSUES (2)
 FileVault encryption is disabled
 Firewall is not enabled

WARNINGS (3)
! SSH remote login enabled
! Automatic login is enabled  
! Screen lock delay > 5 minutes

PASSED (32)
 System Integrity Protection enabled
 Gatekeeper enabled
 XProtect up to date
  ... and 29 more checks passed

───────────────────────────────────────────
Completed in 28.4s | 2 critical · 3 warnings · 32 passed

See macSentry in Action

Watch a real security audit in under 30 seconds. No editing, no tricks—just actual output.

Terminal — macsentry demo 
$ macsentry

Real Audit Results

91.9% Pass Rate

From a real macOS Sequoia audit

34 Passed
! 2 Warnings
1 Critical

Completed in 28.4s

Ready to find out what you're missing?

Run your first security audit in under 60 seconds.

Get Started Free

Why Your Mac Needs a Security Audit

macOS has excellent security foundations, but misconfigurations happen. Here's why most solutions fall short.

Enterprise Tools Are Overkill

Jamf, Kandji, and Mosyle cost $3-15/device/month and require MDM infrastructure. Great for large teams, but massive overhead for individuals and small teams.

Manual Checks Are Forgotten

You know you should verify FileVault, firewall, and SIP regularly. But when did you last actually check? Security requires consistency.

Consumer Tools Miss What Matters

Antivirus catches malware but ignores critical misconfigurations. Disabled SIP? Weak permissions? They won't tell you.

Mac Security Monitoring That Never Sleeps

Set it once and let macSentry keep watch. Automated, thorough, and completely transparent.

37+ Automated Checks

FileVault, firewall, SIP, Gatekeeper, SSH, privacy permissions, app entitlements, and more. Comprehensive coverage.

Scheduled Monitoring

Set it once via launchd, runs daily in the background. No manual effort required. True set-and-forget automation.

Actionable Reports

Clear findings with step-by-step remediation guidance. Know exactly what to fix and how to fix it.

Privacy-First

All checks run locally. No data leaves your Mac. No telemetry, no phone home. Your security data stays yours.

Fast & Lightweight

Full audit completes in ~30 seconds. No heavy agents or background processes hogging your system resources.

Open Source

MIT license. Fully auditable code. Community-driven development. Free forever. Trust through transparency.

Start Protecting Your Mac Free & open source forever

Install Your macOS Security Audit Tool in 60 Seconds

Install via Homebrew or pip and run your first security audit immediately.

System Requirements

macOS 13+ (Ventura, Sonoma, Sequoia, Tahoe)
Python 3.10 or newer
Architecture Apple Silicon & Intel

Install macSentry

# Install via Homebrew (recommended)
$ brew install macsentry/tap/macsentry

Recommended for most users. Handles dependencies automatically.

Run Your First Audit

# Run your first security audit
$ macsentry

Enable Daily Monitoring

# Set up automated daily checks (optional)
$ macsentry --install-schedule

Troubleshooting

Works on Your Mac

Full support for modern macOS versions. Intel and Apple Silicon.

🏔️
Tahoe
macOS 26
🏜️
Sequoia
macOS 15
🎵
Sonoma
macOS 14
🌊
Ventura
macOS 13
Apple Silicon (M1/M2/M3/M4)
Intel x86_64

See What You're Missing

Real output from a macSentry audit. Clear categories, actionable findings.

Terminal — macsentry --verbose 
$ macsentry --verbose

╭─────────────────────────────────────────────────────────╮
   v1.0.0                                      
  Comprehensive Security Audit for macOS                 
╰─────────────────────────────────────────────────────────╯

System: macOS 15.1 (Sequoia) on MacBook Pro (M3 Pro)
Started: 2024-12-06 14:32:18

 Running 37 security checks across 8 categories...

━━━ ENCRYPTION & DATA PROTECTION ━━━
 FileVault Encryption
  Status: Disabled
  Fix: sudo fdesetup enable

 Secure Boot — Full Security
 Signed System Volume — Enabled

━━━ SYSTEM PROTECTION ━━━
 System Integrity Protection — Enabled
 Gatekeeper — App Store and identified developers
 XProtect — Version 5198 (up to date)
 MRT (Malware Removal Tool) — Enabled

━━━ NETWORK SECURITY ━━━
 Application Firewall
  Status: Disabled
  Fix: sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on

! SSH Remote Login
  Status: Enabled (potential risk if not needed)
  Fix: sudo systemsetup -setremotelogin off

 Stealth Mode — Enabled

━━━ AUTHENTICATION ━━━
! Automatic Login
  Status: Enabled for user 'admin'
  Fix: System Settings → Users & Groups → Automatic login: Off

! Screen Lock Delay
  Status: 15 minutes (recommended: ≤5 minutes)
  Fix: System Settings → Lock Screen → Require password: Immediately

 Password Hints — Disabled
 Guest Account — Disabled

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

SUMMARY
 Critical Issues: 2
 Warnings: 3
 Passed Checks: 32

Completed in 28.4 seconds
Full report saved to: ~/.macsentry/reports/2024-12-06.json

 Run macsentry --fix for guided remediation

37+ Security Checks

Comprehensive coverage across 8 security categories. Filter and explore all checks below.

Check Name Category Severity Description
FileVault Encryption Encryption Critical Verifies full-disk encryption is enabled via FileVault 2
Secure Boot Encryption High Checks Secure Boot is set to Full Security mode
Signed System Volume Encryption High Ensures the system volume has cryptographic integrity
System Integrity Protection System Critical Verifies SIP is enabled to protect system files
Gatekeeper System Critical Ensures only signed apps from identified developers can run
XProtect Status System High Checks Apple's built-in malware scanner is enabled and up to date
MRT (Malware Removal Tool) System Medium Verifies the Malware Removal Tool is active
Automatic Updates System High Ensures automatic security updates are enabled
App Update Check System Medium Verifies automatic App Store updates are enabled
Application Firewall Network Critical Checks the built-in application firewall is enabled
Stealth Mode Network Medium Verifies firewall stealth mode to ignore ping requests
SSH Remote Login Network High Checks if SSH remote login is disabled (unless needed)
Remote Apple Events Network Medium Ensures remote Apple Events are disabled
Remote Management Network High Verifies remote management (ARD) is not enabled
Content Caching Network Low Checks content caching status and configuration
Automatic Login Auth Critical Ensures automatic login is disabled
Screen Lock Delay Auth High Verifies screen lock activates within 5 minutes
Password Hints Auth Medium Checks that password hints are disabled
Guest Account Auth High Ensures guest account is disabled
Root User Status Auth High Verifies root user is disabled
Sudo Timeout Auth Medium Checks sudo session timeout is appropriately configured
Password Policy Auth Medium Verifies password complexity requirements
Location Services Privacy Low Reviews location services configuration
Analytics Sharing Privacy Low Checks if analytics data sharing is enabled
Ad Tracking Privacy Low Verifies personalized ad tracking is limited
Safari Privacy Privacy Medium Reviews Safari privacy and tracking settings
Siri Data Sharing Privacy Low Checks Siri audio recording and analysis settings
Spotlight Suggestions Privacy Low Verifies Spotlight web suggestions are configured
App Notarization Apps High Checks for non-notarized applications
Developer Tools Apps Medium Reviews developer tool access permissions
Accessibility Permissions Apps Medium Audits apps with accessibility API access
Full Disk Access Apps High Reviews apps granted full disk access
Screen Recording Apps Medium Audits apps with screen recording permissions
Input Monitoring Apps High Checks for apps monitoring keyboard/mouse input
Camera Access Apps Medium Reviews apps with camera access permissions
Microphone Access Apps Medium Reviews apps with microphone access permissions
Showing 37 of 37 checks View full documentation →

Why Trust macSentry?

Transparent, auditable, and built with your privacy in mind.

No Data Collection 100% local processing
Open Source Fully auditable code
MIT License Free forever
Latest Release v1.0.0 Updated Dec 2025
Downloads
Stars

How macSentry Compares

Feature macSentry Lynis Enterprise MDM Jamf, Kandji, Mosyle
Price Free Free / $$ Enterprise $3-15/device/mo
macOS Native ~ Linux-focused
Security Checks 37+ macOS specific 200+ (mostly Linux) Varies by vendor
Scheduled Monitoring launchd native ~ Manual cron
Privacy 100% local Local Cloud-based
Setup Time < 1 minute 5-10 minutes Hours to days
MDM Infrastructure Not required Not required Required
Open Source MIT License GPL v3 Proprietary
Best For Individuals & small teams Linux admins, compliance Large enterprises
Try macSentry Free

No account needed. No credit card. Just run the command.

Ready for Your First macOS Security Audit?

Install macSentry today and find out what you've been missing. It takes less than a minute.

Install macSentry Read the Docs View All Checks