Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The macOS system must enable Gatekeeper.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-259512 | APPL-14-002064 | SV-259512r986253_rule | High |
| Description |
|---|
| Gatekeeper must be enabled. Gatekeeper is a security feature that ensures applications are digitally signed by an Apple-issued certificate before they are permitted to run. Digital signatures allow the macOS host to verify that the application has not been modified by a malicious third party. Administrator users will still have the option to override these settings on a case-by-case basis. |
| STIG | Date |
|---|---|
| Apple macOS 14 (Sonoma) Security Technical Implementation Guide | 2024-05-30 |
Details
| Check Text ( C-63251r941156_chk ) |
|---|
| Verify the macOS system is configured to enable gatekeeper with the following command: /usr/sbin/spctl --status | /usr/bin/grep -c "assessments enabled" If the result is not "1", this is a finding. |
| Fix Text (F-63159r941157_fix) |
|---|
| Configure the macOS system to enable gatekeeper with the following command: /usr/sbin/spctl --global-enable |