Macs are secure! Right…? They don’t really need to be tested…including them in an overall vulnerability management program is likely overkill.
It’s an age-old philosophy coming from those who need some enlightenment…perhaps get caught up on their reading.
The next time someone tells you that macOS is secure, respectfully push back and ask: How do you know?
Here’s a screenshot of the Tenable.io findings from just one scan of a macOS system. I’ve highlighted some key findings. There were multiple systems on the network with similar findings.
I may be wrong – I often am – but this Mac doesn’t look too secure. As so many are saying in the name of “healthcare” today: better to be safe than sorry. Include those Macs in the scope of your vulnerability and penetration testing! Here’s a piece I wrote on this topic that may serve as a good starting point: