Continuing our recent string of exciting updates to Checks system in Kolide (like our new Custom Check editor), we are pleased to announce a number of new Checks and improvements.
As part of our Evergreen Vulnerability Management strategy, Kolide recently released the Require Firefox is Up-To-Date Check, which helps your staff keep Firefox updated on Mac, Windows, and Linux devices.
This check works much like its Google Chrome counterpart. First, Kolide regularly polls Mozilla’s update servers to retrieve the latest released version number for each distribution channel. From there, it inserts the version numbers into the query that gets sent to the device dynamically. Finally, false positives are avoided by only producing a Kolide Issue if Firefox is actively running on the device.
Last week, Apple Released macOS Ventura. In our blog post, The Security and IT Admin’s Guide to macOS Ventura, we discussed how this update features an entirely all-new System Settings app (replacing System Preferences).
To support this change, we’ve updated all of our macOS Checks to dynamically supply fix instructions which direct users to the correct app (System Preferences or System Settings) and the corresponding Preference Pane, depending on which version of macOS they are currently using.
Previously, Kolide considered devices that had not yet run a Check as “Passing.” To address this potential ambiguity, we have added a new status called “Pending.” You can now see how many devices are still waiting to return results for a Check; this is particularly helpful when you’ve recently enabled a new Check, and want to monitor its progress.
With the increased usage of iCloud Private Relay, we’ve had several requests from customers to introduce a Check that allows organizations to suggest that it be turned off. If you’d like to know more about iCloud Private Relay and the situations in which it may be a good idea to turn it off, we’ve also released an accompanying explainer article which covers all the details.
macOS 10.13 and higher support an auto-unlock feature called “Unlock Mac with Apple Watch”. This capability allows a user who has a paired Apple Watch to automatically login to their device when they wake it from sleep without going through a password prompt/authentication.
Some organizations worry this in effect reduces the security of a Mac whose paired watch has been stolen to a 4-digit PIN, and can result in unauthenticated access in situations where an individual is near their device (eg. a bathroom) and someone wakes it from sleep.
For organizations that want to encourage users to turn off this feature, we’ve created a new Check to do just that.
Believe it or not, we still have more exciting updates and improvements in store for the Kolide Checks feature before the end of the year! If you haven’t already, sign up for our newsletter so you don’t miss them.