[Auditor] Custom Checks

Custom checks allow you to define your own rules using YAML files. This allows you to have your checks for what you deem necessary for your security. These are scoped to your own user account and can't run under sudo.

To enable them, you have to enable an option under Auditor preferences and create a folder ParetoAuditor in Documents and add a .yaml file that follows the US NIST specification. Note that each time you make a change or add a new check, you have to restart the app for it to pick up the changes.

For example, if you wanted to create a check that will report when you have outdated brew packages.

The above example would have a strange check title, "No Outdated Brew packages are passing." You can add titleOn and titleOff parameters to describe your check better.

Now when you would click on the check in Pareto Auditor, it guides you to this page, which is not ideal. However, you can specify any valid url as a parameter that would link you to your docs.

For a lot more examples, check out NIST macOS Security Compliance Project on GitHub.

Still need help? Contact Us Contact Us