The macOS system must enable gatekeeper.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-268511 | APPL-15-002064 | SV-268511r1034473_rule | CCI-003992 | high |
| Description | ||||
| Gatekeeper must be enabled. Gatekeeper is a security feature that ensures that applications are digitally signed by an Apple-issued certificate before they are permitted to run. Digital signatures allow the macOS host to verify that the application has not been modified by a malicious third party. Administrator users will still have the option to override these settings on a case-by-case basis. | ||||
| STIG | Date | |||
| Apple macOS 15 (Sequoia) Security Technical Implementation Guide | 2025-05-05 | |||
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
CM-14
1.00
- DISA · 1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-003992
1.00
- DISA · 1 · disa_xccdf · related
Details
Check Text (C-268511r1034473_chk)
Verify the macOS system is configured to enable gatekeeper with the following command:
/usr/sbin/spctl --status | /usr/bin/grep -c "assessments enabled"
If the result is not "1", this is a finding.
Fix Text (F-72442r1034472_fix)
Configure the macOS system to enable gatekeeper with the following command:
/usr/sbin/spctl --global-enable