LockRattler & SystHist

LockRattler – a quick check of your security systems

LockRattler checks your Mac’s basic security systems are active, reports version numbers of security configuration files which are active, the latest updates installed, and makes it easy to check for and install updates. Ideal for checking that SIP is enabled, and it has Apple’s latest silent security updates. New version 4.21 improves compatibility with Catalina and adds auto-update.
LockRattler 4.21 (El Capitan, Sierra, High Sierra and Mojave)

SystHist – lists full system and security update installation history

SystHist is a clean and simple app which tells you all the OS X/macOS system and security updates which have been installed on that Mac. Now probes deep into protected territory to find even silent silent updates, and gives details of all the files updated. New version 1.10 checks its code signature each time it runs.
SystHist 1.11 (El Capitan, Sierra, High Sierra and Mojave)

Known Issues:

After updating any of the items which it checks, when you click on Refresh, LockRattler highlights changes in red. However, the version numbers shown in some of its boxes aren’t highlighted in red until you next open LockRattler. This is because those version numbers depend on obtaining the version number of a bundle, which macOS appears unable to refresh while the app is still running (it seems to be a bug in macOS).

Some apps break LockRattler’s update features

LockRattler appears compatible with macOS 10.15 Catalina beta 1, but the KEXT block version isn’t available as it uses a different mechanism; otherwise results are currently the same as those for Mojave. Catalina may not always report version numbers which are consistent with the update history. The latter seems more accurate.

SystHist lists your Mac’s information about installed updates, which may in many cases not exactly match the version of macOS which it’s currently running. To help you see this more clearly, version 1.9 and later display the running version of macOS, so there’s no doubt.

SystHist appears compatible with macOS 10.15 Catalina beta 1, but doesn’t recognise the beta install fully, which doesn’t appear in the lefthand pane at all. This is because the installer doesn’t record itself performing the installation.

Why is my system update history wrong?

Support pages:

LockRattler Support
SystHist Support

Which EFI firmware should your Mac be using? (version 3)
Which EFI firmware should your Mac be using? (version 2)

Details of security data files for macOS:
High Sierra
El Capitan

Security update articles:

TCC data 17.0, 5 June 2019 (Mojave only)
Gatekeeper 167, 3-4 June 2019
Apple releases additional firmware update for MacBook Pro 15 inch with T2 chip
Gatekeeper 166, 13 May 2019
KEXT Block data 14.5.1 (Mojave), 13 May 2019
Mojave 10.4.5 update, and Security Updates 2019-003 for Sierra and High Sierra, 13 May 2019
XProtect 2103, and MRT 1.41, 2 May 2019
XProtect 2102, 19 April 2019
Gatekeeper 165, 18 April 2019
Gatekeeper 164, 25 March 2019
Mojave 10.14.4 update, and Security Updates 2019-002 for Sierra and High Sierra
MRT 1.40, 21 February 2019
Gatekeeper 163, 20 February 2019
Gatekeeper 162, 7 February 2019
Mojave 10.14.3 Supplemental Update, fixing Group FaceTime bug
MRT 1.39, 5 February 2019
Mojave 10.14.3 and Security Updates 2019-001 for High Sierra and Sierra
Mojave 10.14.2 update, security updates for High Sierra and Sierra, and a Gatekeeper update
Mojave 10.14.1 update, and Security Updates for Sierra and High Sierra