Mac Infrastructure Testing

MacOS computers become a frequent choice in modern IT infrastructures. MacOS workstation security tests will verify whether their configuration compromises the security of the entire organization.

Organizations are increasingly facing the challenge of deploying macOS workstations to their infrastructures. Often these infrastructures have been previously based on Windows stations and Linux servers. Yet, another operating system forces the use of new solutions and connections with other elements. Our experience shows that it may create new attack vectors, which often leads to critical vulnerabilities.

Research shows that from January to mid-2019, over 6 million phishing attacks were carried out on macOS users. As many as 11.80% of them were directed against corporate users.

Successful execution of a phishing attack on even one computer in a company can endanger the security of the entire infrastructure, if it is not properly secured.

During tests, we focus on both comprehensive analysis of the architecture, configuration of each workstation, and the work style specific to each organization. This holistic approach makes it possible to understand where the weaknesses of an organization really lie.

We are experienced in testing infrastructures based on various management systems, including:

• JAMF Pro,
• Apple Business Manager (MDM),
• VMWare Workspace ONE
• Scalefusion MDM,
• SimpleMDM,
• Cisco Meraki,
• Miradore MDM.

We realize that adding computers with macOS often means adding other Apple devices as well. So, if your infrastructure includes iPhones, iPads, AppleTVs and other iDevices, we will also help you verify their security.

What does a typical infrastructure test look like?

1. Together with a Client we define the scope tests.
2. We organize an opening meeting during which, together with administrators and architects, we discuss how an infrastructure architecture was designed. At such a meeting we also specify the iDevices used in the Company.
3. We conduct threat modeling – we define the main goals of a potential attacker. On the basis of these goals, we will carry out security tests.
4. We perform holistic security tests including account management panels, workstations, and connections between them.
5. We prepare a test report and send it to the Client.
6. We answer any questions related to the removal of vulnerabilities.
7. We verify the effectiveness of the vulnerability removal.

Each service we provide is based on our own research. Our team includes people who specialize in the security of Apple devices. One example of such research is the presentation “Abusing & Securing XPC in macOS apps” prepared by Wojciech Reguła. The presentation was given at a leading conference about iDevices security in the United States.

If you would like to learn more about common threats in Apple infrastructures or you are interested in verifying your infrastructure, please contact us using the form below.