fort audits your Mac's security settings, fixes what it finds, and produces a timestamped compliance report — no MDM, no signup, no agent.
Three commands cover the entire compliance workflow. No dashboard to learn, no agent to manage.
Audits all 15 security controls in under 3 seconds. Score, current state, expected state — no interpretation needed.
Remediates every fixable setting. Use --dry-run first to see exactly what changes before it runs.
Writes a timestamped HTML report with machine identity, per-check results, and SOC 2 control references. Print to PDF in one click.
Every check uses stable, documented macOS APIs. No private frameworks. Works on macOS 12 Monterey through the latest release.
fdesetup status. High confidence, no guessing.socketfilterfw.Run fort --report and hand the file to your auditor. No portal, no upload, no waiting.
Hostname, serial number, OS version, and timestamp — everything an auditor needs to verify the evidence is real.
Self-contained HTML file. Open in any browser, hit Cmd+P. No external dependencies, no server required.
Each check maps to the relevant SOC 2 Trust Services Criteria (CC6.x, CC7.x). Shows auditors exactly what's covered.
| Check | Status | Found |
|---|---|---|
| Password manager | pass | 1Password |
| Disk encryption | pass | on |
| Screen lock | pass | immediate |
| Antivirus / EDR | warn | XProtect only |
| Application firewall | pass | on |
Get every Mac green before your first audit. No MDM enrollment, no IT department needed. One command per machine.
Run fort across your client's fleet, collect the HTML reports, and hand a before/after to the auditor. Repeatable, professional, fast.
Contractors can self-attest without enrolling in MDM. Transparent, local, open-source — they can read every line before running it.
Fleet view, drift alerts, policy files, and auditor exports — across every Mac in your org. Join the waitlist and we'll reach out first.
No spam. Unsubscribe anytime. The CLI is always free.