macOS has changed fundamentally. So has troubleshooting it. Secure Boot, the SSV, and Gatekeeper checks bring changes in strategy.
Gatekeeper
Run Catalina or later and there are two XProtects in the CoreServices folder. But they’re completely different, as this explains.
While you may feel more comfortable working with the more limited privileges of a normal rather than admin user, does that improve security?
How macOS security can have excellent tools and defences, but fail to inform the user of the detection of malicious software.
Samples of four pieces of malicious software were downloaded and run on macOS 13.1. Could it detect and block them effectively? Or do you need third-party protection?
It’s well over 4 years since Apple introduced notarization, but many executables still aren’t properly signed, and require the user to bypass Gatekeeper.
Download some vital free software, mount its disk image, run the Installer package there – but why does Ventura refuse to install it, and what do you do?
From AppleKextExcludeList to XProtect Remediator, what’s where, its current version, and which have fallen into disuse.
Developed from LockRattler three years ago, SilentKnight is in need of modernisation to work better with changing security tools. History and aims.
What and where is the Gatekeeper app or service? The answer is that it’s a collaborative system or technology to check apps and ensure that only trusted software is run.
