visionOS Security Compliance Project
visionOS can be configured to meet compliance baselines using the outputs from the macOS Security Compliance Project visionOS branch. This project, hosted by the National Institute of Standards and Technology (NIST) can be used to output customized documentation, configuration profiles, and an audit checklist based on the baseline chosen. Baselines published by NIST are considered to be created and distributed by an authoritative source, and are made official through the submission of supported baselines to the National Checklist Program.
This is a joint project of federal operational IT Security staff and volunteers from the National Institute of Standards and Technology (NIST), National Aeronautics and Space Administration (NASA), Defense Information Systems Agency (DISA), Los Alamos National Laboratory (LANL), Idaho National Laboratory, Lawrence Livermore National Laboratory, the United States State Department, Leidos, and the Center for Internet Security (CIS). The project uses a set of tested and validated controls for visionOS and maps these controls against any security guide supported by the project. Additionally, this project can be used as a resource to easily create customized security baselines of technical security controls by leveraging a library of tested and validated atomic actions (configuration settings). These vOSCP baselines can produce output content used in conjunction with management and security tools to achieve compliance. Configuration settings in this project support the following guidance baselines:
Organization | Supported baselines |
|---|---|
National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Recommended Security Controls for Federal Information Systems and Organizations, Revision 5 |
Additional information:
A baseline to review all rules in the project is available here.
To learn more about the project and usage, see the macOS Security Compliance Project wiki.
To set up the project for use, see: Getting to Know the macOS Security Compliance Project, Part 1 and Getting to Know the macOS Security Compliance Project, Part 2.
A list of products and services that leverage the project is maintained here.
If you’re interested in supporting the development of the project, see the contributor guidance.
For questions about Apple Security and Privacy Certifications, contact security-certifications@apple.com.