What is Apple Rapid Security Response?
At WWDC 2022, Apple announced their Rapid Security Response feature. This feature, available on devices running iOS 16 or later, delivers important security content between OS updates. This new kind of security update helps keep devices more secure with the latest security patches without requiring a full system update by delivering important security improvements between software updates — according to Apple for example, “improvements to the Safari web browser, the WebKit framework stack, or other critical system libraries… or issues that might have been exploited or reported to exist ‘in the wild.’"
The first response was delivered on May 1, 2023, for devices running iOS 16.4.1, iPadOS 16.4.1 and macOS 13.3.1. Responses are specific to minor OS version builds, and will only be visible until the next response or OS version is released.
How does this affect devices enrolled in Jamf Pro?
Jamf recommends that organizations allow Apple Rapid Security Response to ensure devices always have the latest available security updates from Apple.
Organizations can utilize Jamf Pro to monitor user adoption of Rapid Security Response updates. Devices in your fleet running the latest OS will already show the response available in the software updates section of their device settings. Jamf Pro 10.46 added support for declarative status reporting for several device inventory attributes specific to Rapid Security Response, and uses Declarative status reporting to detect new supplemental build details related to Apple Rapid Security Response releases:
- Operating System Supplemental Build Version
- Operating System Rapid Security Response
Using Declarative status reporting to update inventory for these Rapid Security Responses means devices are able to automatically send new version information directly to the management server immediately upon completing the update — giving IT real-time visibility into the adoption of Rapid Security Response updates across their fleet.
Once a Mac has the response applied, the details of the supplemental build are visible on the computer record in Jamf Pro:
Similarly, mobile devices have the iOS Rapid Security Response and iOS Supplemental Build Version displayed on the General tab of the mobile device record:
Jamf Pro also offers restrictions that can manage Rapid Security Response behavior on a device. The ability to see, install and/or remove the response is determined by settings in the Restrictions payload for both macOS and iOS:
Organizations can use Jamf Pro to send push notifications via Self Service to encourage users to apply the Apple Rapid Security Response, and with the combination of settings to permit users to apply Rapid Security Response updates and lightning-fast reporting on current update status, Jamf admins are empowered to protect their fleets from emerging threats as soon as Apple identifies them.
Want to take advantage of Rapid Security Response?
Have market trends, Apple updates and Jamf news delivered directly to your inbox.