As I announced here yesterday, Mac security has moved on in the last three years, and it’s time for my free utility SilentKnight to respond to those changes in its second major release.
This version retires the old Gatekeeper databases, which have been disused for several years, and relegates its check on MRT to a line in the text report. In their place are two new boxes of information. The first gives the version number of the XProtect.app bundle, alias XProtect Remediator; as this is now a scheduled update every two weeks, separating it from XProtect data makes the distinction clearer.
Below that is the result of a check in the last 24 hours of logs for XProtect Remediator reports. If your Mac has run little, or only just started up, there may be no reports at all, but it’s more usual for at least a dozen scan results to show here. If any of them report a doubtful result, such as a detection or remediation, then you’re informed of the number of reports needing your further attention.
As those checks of the log still rely on the
log show command, they’re only available when you run SilentKnight from an admin user account. When it first opens up, SilentKnight 2 checks whether it’s being run from an admin account. If it is, it then performs some basic checks to ensure that the log is working normally. If there appear to be problems, then it won’t attempt to obtain information from the log.
Three different settings are now offered in a new Settings dialog. The first lets you choose whether to check for updates at all, or to download but not install them, as well as the standard option to download and install automatically. There’s also an option to control checking the log for XProtect Remediator reports, and another to disable checking for SilentKnight updates.
I have revised its documentation, with new sections in the Help reference addressing known issues, including how to deal with failed installs, in addition to information about its new checks.
If you want to run SilentKnight on macOS Mojave or earlier, then version 1.21 remains available on its Product Page, and doesn’t prompt you to download this new version.