“The same kind of script is sorely needed for Defender. It uses hostname as the unique identifier for Macs so any device name change creates a new record and uses up a license. It’s bonkers.” That was Luke on LinkedIn, commenting on my Entra ID duplicate scanner. And he was absolutely right. MDE’s device inventory […]
Category: Scripting
Auditing Homebrew Security with Microsoft Intune: Detect Supply Chain Risks on Your Mac Fleet
Let’s be real: Homebrew is amazing. It’s the missing package manager for macOS that every developer loves. However, in an enterprise environment, Homebrew can also be a security nightmare waiting to happen. World-writable binaries? Third-party taps from who-knows-where? Supply chain attacks through git remote hijacking? Yeah, that’s exactly what keeps security teams up at night. […]
How I Accidentally Fort Knox’d myself: A macOS Security Hardening Tale
The Road to Better Security Is Paved with Infinite Login Loops If you’re reading this, you probably care about macOS security hardening. And like me, you might be interested in hardening your macOS devices according to industry standards. But let me tell you a cautionary tale about implementing security measures without proper testing, or as […]
Advanced macOS Protection with Microsoft Intune – Beyond the Basics
Advanced macOS Protection with Microsoft Intune: The Security Sequel You Didn’t Know You Needed!🚀 Hey there, security enthusiasts and Mac wranglers! Remember when we thought CIS Level 1 was the cool kid on the block? Well, grab your Terminal windows and hold onto your MDM profiles, because Level 2 is here to rock your config. […]
Who’s Watching? Auditing macOS Location Services with Intune.
In my ongoing mission to strengthen macOS device security with Microsoft Intune, today I’m focusing on macOS Location Services, and 2 recommendations from the CIS Level 2 benchmarks for macOS devices. We’ll explore recommendation 2.6.1.2 Ensure ‘Show Location Icon in Control Center when System Services Request Your Location’ Is Enabled and recommendation 2.6.1.3 Audit Location […]
iOS MAM Policies; Discovering URL Protocols and Data Transfer Exceptions
It’s been a while since I did a blog on Mobile Application Management (MAM) policies, the unsung heroes of modern IT security. They quietly ensure that corporate data stays safe, even on personal devices. However, when it comes to data transfer exceptions, those tricky settings that allow unmanaged apps to interact with managed app data, […]
Managing macOS with Intune: Into the belly of PLIST files
Most of my blogging journey has been all about Microsoft Intune and Windows devices – But hey, change is the spice of life, or so they say. So, this year, I decided it’s time to mix things up a bit. I’ve jumped on the macOS bandwagon, got myself a shiny new Apple device, and have […]
Revamping Network Drive Mappings on macOS with Intune
Today, we’re once again diving into deploying network drive mappings on macOS with Microsoft Intune, but with a twist! We’re showcasing an enhanced version of the previous shell script that’s been turbocharged with new features and improvements. Fasten your seatbelts – it’s time for an upgraded ride in the world of automation. You can read […]
Deploy Network Drive Mappings on macOS with Microsoft Intune
Update: Check out the new version of this script. Turbocharged with new features and improvements Revamping Network Drive Mappings on macOS with Intune Welcome, fellow tech adventurers, to the world of macOS management with a dash of Microsoft Intune magic! Today, we’re going to explore how you can deploy network drive mapping on macOS devices […]