This capability requires logging in to Jamf Pro using OIDC-based single sign-on (SSO) configured in Jamf Account. If you do not have an OIDC identity provider (IdP), Jamf ID is available as an SSO option. For more information, see SSO with OIDC Through Jamf Account in the Jamf Pro Documentation.
Built on the foundation of the macOS Security Compliance Project (mSCP) framework, compliance benchmarks enables organizations to implement and maintain robust security standards across their Mac fleets. This feature supports industry standard frameworks, such as the Center for Internet Security (CIS) benchmarks, allowing organizations to quickly and easily align their security posture with recognized best practices.
Compliance benchmarks empowers organizations to establish comprehensive device security baselines through automated configurations consisting of policies, configuration profiles, scripts, extension attributes, smart groups, and other management settings. When implementing benchmark configurations, the system automatically generates all management settings, as needed, to enforce specific security controls. For example, some security controls might require scripts to verify system settings or remediate non-compliant configurations, while others are enforced through configuration profiles that maintain consistent security settings across devices.
Jamf maintains a robust review process for new macOS Security Compliance Project (mSCP) rules before they are made available in compliance benchmarks. This process includes automated monitoring of updates, thorough security validation, and comprehensive testing to ensure reliability and safety before deployment to customer environments.