SilentKnight (previously EFIcienC) – a new generation with fully automatic security checks
A replacement for LockRattler to perform its assessments and check whether your Mac is up to date automatically. Checks EFI firmware, security settings and data files, and has both a summary Help page and a detailed reference. Update handles firmware checks in Sierra more leniently now it is unsupported.
SilentKnight 1.6 (El Capitan, Sierra, High Sierra, Mojave and Catalina)
silnite – a command tool which performs the same checks as SilentKnight
If you’re managing Macs on a network, this is an invaluable way of checking EFI firmware, security settings including SIP and FileVault, and security data file updates. A choice of two levels of detail, which can include checks against my database of current versions, and reports to stdout in either text or JSONised XML. Can also download and install waiting updates. Update improves firmware checking.
silnite 4 (El Capitan, Sierra, High Sierra, Mojave and Catalina)
LockRattler – a quick check of your security systems
LockRattler checks your Mac’s basic security systems are active, reports version numbers of security configuration files which are active, the latest updates installed, and makes it easy to check for and install updates. Ideal for checking that SIP is enabled, and it has Apple’s latest silent security updates. New version 4.23 improves support for KEXT blocker in Catalina.
LockRattler 4.24 (El Capitan, Sierra, High Sierra, Mojave and Catalina)
SystHist – lists full system and security update installation history
SystHist is a clean and simple app which tells you all the OS X/macOS system and security updates which have been installed on that Mac. Now probes deep into protected territory to find even silent silent updates, and gives details of all the files updated. New version 1.12 can change size of text in its middle reporting view.
SystHist 1.12 (El Capitan, Sierra, High Sierra, Mojave and Catalina)
Scrub – cleans folders and volumes of potentially leaking sensitive data
Scrub clears extended attributes which can show when a file was downloaded, and where from; old versions; turns off Spotlight indexing; clears the QuickLook cache; can even set all file dates to 1970. These greatly limit the forensic footprint of your most sensitive files. Powerful, so please read the docs carefully before use. Update fixes a crashing bug in Catalina.
Scrub 1.1 (El Capitan, Sierra, High Sierra, Mojave and Catalina)
After updating any of the items which it checks, when you click on Refresh, LockRattler highlights changes in red. However, the version numbers shown in some of its boxes aren’t highlighted in red until you next open LockRattler. This is because those version numbers depend on obtaining the version number of a bundle, which macOS appears unable to refresh while the app is still running (it seems to be a bug in macOS).
SystHist lists your Mac’s information about installed updates, which may in many cases not exactly match the version of macOS which it’s currently running. To help you see this more clearly, version 1.9 and later display the running version of macOS, so there’s no doubt.
Some Macs don’t update their firmware when they should
How can security data get so out of date?
How do you get a security update to work?
What happened when MRT was updated, and what MRT does
Why does SilentKnight/LockRattler show TCC is out of date?
What is this ‘Compatibility Notification Data’ which Apple has just updated?
Apple has added a new security database to Catalina, bringing 3 updates
SilentKnight, LockRattler and silnite updates to extend 10.15 checks
SilentKnight and silnite now look at firmware more thoroughly
Don’t try reverting a T2 to older firmware
Does replacing internal storage cause EFI updating problems?
Which EFI firmware should your Mac be using? (version 4) – for Catalina
Which EFI firmware should your Mac be using? (version 3) – for Sierra, High Sierra, Mojave
Which EFI firmware should your Mac be using? (version 2) – for El Capitan and earlier
SilentKnight’s security update checks from the command line
How has XProtect changed?
Security update articles:
Catalina 10.15.4 with TCC 150.19 and Security Updates 2020-002 for Mojave and High Sierra, 24 March 2020
XProtect 2116 and MRT 1.57, 19 March 2020
XProtect 2115 and MRT 1.56, 5 March 2020
XProtect 2114 and MRT 1.55, 20 February 2020
XProtect 2113 and MRT 1.54, 5 February 2020
macOS Catalina 10.15.3, Security Updates 2020-001 for Mojave and High Sierra
XProtect 2112 and MRT 1.53, 22 January 2020
XProtect 2111 and MRT 1.52, 7 January 2020
What happened to XProtect? Has it been forked?
XProtect 2110 and MRT 1.51, 12 December 2019
XProtect 2109 for macOS Catalina 10.15.2 only
XProtect 2109 (Catalina only), 10 December 2019
Catalina 10.15.2 with XProtect 2109 (Catalina only), Security Updates 2019-007 for High Sierra and 2019-002 for Mojave, 10 December 2019
XProtect 2108, 13 November 2019
XProtect 2107, 29 October 2019
Catalina 10.15.1, Security Updates 2019-001 for Mojave and 2019-006 for High Sierra, 29 October 2019
What’s this about 10.15 Supplemental Update 2?, 21 October 2019
macOS 10.15 Catalina Supplemental Update, 15 October 2019
Gatekeeper Compatibility 1.0 (Catalina only), 11 October 2019
MRT 1.50 and XProtect 2106, 1 October 2019
macOS Mojave 10.14.6 Supplemental Update 2 (actually 3), plus Sierra and High Sierra Security Update 2019-005, 26 September 2019
MRT 1.49, 12 September 2019
macOS Mojave 10.14.6 Supplemental Update (take 2), 26 August 2019
Gatekeeper 181, 26 August 2019
Gatekeeper 179, 19 August 2019
MRT 1.48, 15 August 2019
macOS Mojave 10.14.6 Supplemental Update, 1 August 2019
Gatekeeper 175, 31 July 2019
Mojave 10.14.6 update, and Security Updates 2019-004 for Sierra and High Sierra, 22 July 2019
XProtect 2014, 22 July 2019
Gatekeeper 173, 22 July 2019
MRT 1.47, 18 July 2019
Gatekeeper 172, and MRT 1.46, 16 July 2019
MRT 1.45, 10 July 2019
Gatekeeper 171, 3 July 2019
Gatekeeper 170, 24 June 2019
MRT 1.42, 17 June 2019
Gatekeeper 169, 17 June 2019
TCC data 17.0, 5 June 2019 (Mojave only)
Gatekeeper 167, 3-4 June 2019
Apple releases additional firmware update for MacBook Pro 15 inch with T2 chip
Gatekeeper 166, 13 May 2019
KEXT Block data 14.5.1 (Mojave), 13 May 2019
Mojave 10.4.5 update, and Security Updates 2019-003 for Sierra and High Sierra, 13 May 2019
XProtect 2103, and MRT 1.41, 2 May 2019
XProtect 2102, 19 April 2019
Gatekeeper 165, 18 April 2019
Gatekeeper 164, 25 March 2019
Mojave 10.14.4 update, and Security Updates 2019-002 for Sierra and High Sierra
MRT 1.40, 21 February 2019
Gatekeeper 163, 20 February 2019
Gatekeeper 162, 7 February 2019
Mojave 10.14.3 Supplemental Update, fixing Group FaceTime bug
MRT 1.39, 5 February 2019
Mojave 10.14.3 and Security Updates 2019-001 for High Sierra and Sierra
Mojave 10.14.2 update, security updates for High Sierra and Sierra, and a Gatekeeper update
Mojave 10.14.1 update, and Security Updates for Sierra and High Sierra