I remember those days when the Apple folks would scoff at having to have antivirus. Macs were superior, and Windows devices had all those problems.
The technical folks knew that was marketing blather vs. sound security advice. The reality has always been that "everything can be hacked." The early malware reality was that Windows was much more of a target because there were many more Windows devices. Attackers often relegated Macs to being trojan horses, benignly infecting files and then hoping the Mac user brought that Mac back to the enterprise, where that benign Mac file was a malicious Windows file.
Those were the good old days. Now, the Mac is a huge attack surface—sometimes more of an attack surface than Windows.
Macs need an active Endpoint Detection and Response (EDR) defense like your Windows devices. It is not wise to ignore that reality.
The same is true for Mac vulnerability analysis.
CSI has an arsenal of Mac-aware tools to protect Macs at the same level as Windows devices.
First, we have Huntress for Mac, which does all that Huntress does, plus provides the Huntress Security Operation Center (SOC) resources behind their agents.
Next, we have our CSEDR, featuring the SentinelOne Complete EDR agent with the Vigilance SOC, which protects Macs like we do Windows.
CSI's CyberCNS Vulnerability Advisory Service provides the same notifications and updates for Mac OS and third-party application updates.
A recent worldwide security study by Picus Security found that Macs were far more likely to be allowed to run without EDR or have the Mac-based EDR misconfigured. The study concluded that only 23% of the Macs prevented their attack simulations.
Remember, you are only as strong as your weakest link.
Don't let your Macs create those vulnerability gaps in your network.
Finally, the most complete way to ensure that your Mac or Windows EDR-protected devices are doing what they should to protect your network is to add an SOC to oversee it, such as CSI's Managed XDR service. Nothing compares to 24x7x365 "eyes on glass" looking at your network.
If you need to shore up your network defenses by improving your Mac endpoint protection, or you have had enough of trying to manage everything in your network that can create security gaps, contact Lisa to discuss how we can help you improve your network protection.
-Scott Quimby, CISSP