From the moment I first started using MacOS X, I fell in love. It was like my long-time favorite Macintosh <= v9 had spawned with my other love, NeXTStep, to create an exquisite underlying
The Jurassic Park scene where the girl says “This is a UNIX system! I know this!”? That was me…
In high school, I had read a *NIX book during detention (there was a time when I just didn’t like going to class…), and I consider that experience to be one of the defining moments of my life.
I had been coding sprites since I lost my first teeth, learned BASIC and was already on IRC and BBS’s, but UNIX was a gloriously complex and special thing. We didn’t have Linux back then really. People primarily used FreeBSD and some of the other commercial distros.
I still consider myself a System V fangirl, after paying many years of dues in UNIX Technical Operations for a large managed hosting company. That’s how I got into security, so I’m really a paranoid UNIX admin who happened upon security.
But I digress. UNIX is awesome. And MacOS + *NIX is even awesome-r.
Mac OS X is extremely secure to begin with, with fantastic built-in features such as full-disk encryption with FileVault, a firewall, many sharing and other more risky features disabled by default, and Gatekeeper for application protection.
The standard features are great for most people, but remember – I’m paranoid. Security can generally always be improved for any device, system, solution, etc.
When I install a fresh copy of MacOS X, there are certain pieces of software that I absolutely must install, and most are security tools.
I’ve compiled a list of the security software I tend to install on every Mac I use. These vary from network firewalls to monitoring of specific IOCs (indicators of compromise).
I’m not affiliated with any of these companies (that I know of); these are just awesome tools I recommend.
You’re perfectly okay only using stock Mac OS X, as these tools are mostly monitoring tools for the truly paranoid. E.g., the Mac OS X Firewall works perfectly fine, but there are tools that offer additional functionality. These tools may also adversely affect performance, because they are constantly watching.
In no particular order, these are my top pieces of software for protecting your Apple Mac OS X computers:
- KnockKnock https://objective-see.com/products/knockknock.html (Free)
  - See what is persistently installed on your Mac
- TaskExplorer https://objective-see.com/products/taskexplorer.html (Free)
  - Visually explore running tasks and other cool process monitoring
- BlockBlock https://objective-see.com/products/blockblock.html (Free)
  - Monitor for new things being added to persistence on your Mac
- Ransom Where? https://objective-see.com/products/ransomwhere.html (Free)
  - Watches for encrypted files created by processes
- Binary Ninja http://binary.ninja/ (Paid)
  - Binary editor/viewer/reverse engineering tool. You may not need this, but it’s sometimes handy for troubleshooting.
- Xcode (Download from the Mac App Store) (Free)
  - Apple’s code editor. Also includes many libraries you may need if you decide to install a package manager like Pip or Brew.
- Sophos AV is a good option with NO ADS (so it’s my favorite, but go with what you like) https://home.sophos.com/mac (Free)
  - Anti-virus
- MalwareBytes https://www.malwarebytes.com (Free)
  - Anti-malware
- MacKeeper http://mackeeper.com (Paid)
  - and/or Clean My Mac https://cleanmymac.com (Paid)
  - Some people seem to not like MacKeeper, but I use it and have no issues. I turn off all of the ‘get help from a human’ and ‘find my mac’ features, and just use it for general cleanup.
- VeraCrypt https://veracrypt.codeplex.com (Free)
  - Encrypt files and directories
- Little Snitch https://www.obdev.at/products/littlesnitch/index.html (Paid, but worth every penny)
  - If you only buy one piece of software for your Mac, let this be it. An extremely robust firewall with temporary and permanent rulesets – Coolest new feature is a map showing where connections are going to/from
- Micro Snitch https://www.obdev.at/products/microsnitch/index.html (Paid, but sometimes you can find a bundle and purchase it with Little Snitch)
  - Monitors and reports any microphone and camera activity to help you figure out if someone’s spying on you
  - And/or OverSight https://objective-see.com/products/oversight.html (Free)
  - OverSight monitors a Mac’s mic and webcam, alerting the user when the internal mic is activated, or whenever a process accesses the webcam.
- Arq https://www.arqbackup.com (Paid)
  - This is rsync-like functionality with a GUI that encrypts backups before you store them in the cloud. Can enforce size limits and remove dereferenced files.
  - I’ve never personally used it, but some have said that SpiderOak is another good alternative for encrypted backups and end-to-end encryption. https://spideroak.com
I’d love to hear about YOUR favorite security tools!
What do you use and why? Comment below or mention @aprilwright on Twitter