fort: An open-source macOS security auditing tool for SOC 2 and ISO 27001 compliance
By Dheeraj Joshi
Summary
fort is an open-source Go binary that runs 15+ security checks on macOS devices, helps fix issues with user approval, and generates compliance reports for SOC 2 and ISO 27001 audits. Built by a developer frustrated with manual security configuration, it requires no agent, signup, MDM, or telemetry, and is available via Homebrew under an MIT license.
Key quotes
Every month, before a SOC 2 audit, I found myself asking the same question: 'Is my Mac actually configured securely?'
The answer usually meant digging through system settings, running terminal commands I could never remember, and manually collecting evidence for auditors.
fort checks your Mac against common security best practices, helps fix issues with your approval, and generates a report you can use for compliance and audit evidence.
No agent, no signup, no MDM, no telemetry. One MIT-licensed Go binary.
