Jamf Protect adds malware prevention and unified log forwarding

We heard you and are happy to announce that Jamf Protect has added malware prevention and unified log forwarding.

May 21, 2020 by Matthias Wollnik

Customer conversations and feedback are integral to shaping Jamf product functionality across our entire portfolio of solutions. We’ve heard that you love the visibility Jamf Protect offers, value the advanced detections of unknown malware, and constantly find exciting ways to leverage our compliance monitoring capabilities. At the same time, we heard your requests for Jamf Protect to prevent known malware from running on machines and to allow more data collection for investigations and audit logs.

We’re excited to announce that we’ve heard you loud and clear.

Malware prevention with Jamf Protect

One of the most fundamental security needs organizations have is to ensure that malware does not seize their devices. This is such a base requirement that various compliance regulations even codify the need and every basic security benchmark looks for that functionality.

On Mac, people have often relied on one of two options:

  • Run antivirus (AV) software designed to detect primarily Windows malware and hope it finds anything on Mac
  • Rely on Mac’s built-in security mechanisms and the fact that there are fewer malware instances on macOS compared to Windows

For many organizations, neither of these options fully addresses the risks and needs they face today.

Jamf Protect has now expanded its threat prevention capabilities to prevent the execution of known malware. As always, Jamf Protect is completely focused on Mac and doesn’t spend device resources scanning large numbers of files for Windows malware that cannot affect the protected device. This ensures:

  • End-user privacy and device experience expectations are met
  • Low impact on the device, directly aligned with Apple’s approach to security by leveraging the Endpoint Security Framework

Unified Log forwarding with Jamf Protect

Security teams always need more visibility during an incident investigation, and they often collect logs from a variety of systems and devices in SIEMs or other log aggregation systems in an attempt to achieve that visibility.

Also, compliance regulations generally require that certain activity on devices — such as authentication — be logged into a system of record. During an audit that system of record is then used to prove that data is being handled correctly.

Apple’s unified logging on Mac is incredibly comprehensive and the querying capabilities are vast, but it’s on-device-only logging. Jamf Protect can now forward data collected in the unified log into a system of record across your organization. When an investigation or audit is underway, an organization can then have a complete and customizable picture of what is happening on their fleet of Mac.

If you’re looking to take your Mac security up a notch and sleep better at night, see a demo of Jamf Protect for yourself and get any of your Mac security questions answered.
