macOS Hardening: Lockdown Mode, MDM and Attack Surface Reduction
Defensive configurations on Apple Silicon for journalists, activists and researchers facing well-funded state or commercial adversaries.
A freshly unboxed MacBook ships from Apple with roughly 70% of the protections you actually need if you are targeted by mercenary spyware like Pegasus, Predator or QuaDream. The other 30% are your choices: Lockdown Mode, MDM profiles, FileVault with an offline recovery key, and aggressive service teardown. Since 2021 the Basilisk Team has handled clients who received Apple threat notifications, and the pattern keeps repeating: the machine was 'safe' from a casual user's perspective, but still had iMessage auto-attachments on, AirDrop set to 'Everyone for 10 minutes', and Wallet syncing cards through iCloud without hardware 2FA. This piece is the playbook we run before handing an Apple Silicon device to a high-risk profile.
Start with Lockdown Mode, introduced in macOS Ventura and mature by Sequoia 15.2. It disables Safari's JavaScript JIT, complex web fonts, link previews in Messages, FaceTime calls from strangers, wired connections to new accessories, and Shared Albums. In our testing against exploits for CVE-2023-41992 and CVE-2024-23222, Lockdown Mode broke the exploitation chain in 4 of 6 internal PoCs. The cost? Complex PDFs break in Mail, some heavy WebGL sites refuse to load, and exotic web fonts render as boxes. For the risk profile described in Personal Security for High-Visibility Targets: Journalists, Activists, and Executives and OPSEC for Security Researchers: Building a Personal Threat Model, the tradeoff is trivial.
MDM is where most people get it wrong. You do not need corporate Jamf at 8 dollars per seat for a personal machine: tools like mdmb and the free Mosyle Business tier (up to 30 devices) let you push configuration profiles carrying policies the System UI does not even expose. Block unsigned kernel extensions, force Gatekeeper to 'App Store and identified developers', disable Bonjour multicast on untrusted networks, and force XProtect Remediator automatic updates. Document each profile in a Sigstore-signed git repo, as we describe in Supply Chain Security: Sigstore Signing and Real SBOMs in CI/CD. Without a signed profile, a panicked user can rip the protections out mid-trip.
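As an added example (not the article's or the Basilisk Team's own code), here is a shell script that emits a configuration profile carrying three of the policies above: Gatekeeper pinned to App Store and identified developers, kernel extension approval taken away from the user, and automatic installation of XProtect and MRT configuration data. Payload types and keys are Apple's documented ones; the organisation name, reverse-DNS identifier and UUIDs are placeholders you replace before signing and committing the file.

```bash
#!/bin/bash
# Added example (not the article's or the Basilisk Team's code): emit a
# .mobileconfig carrying three of the policies the text lists, ready to sign
# and push through an MDM. Payload types and keys are Apple's documented ones;
# ORG, PREFIX and every UUID are placeholders to replace before use.

ORG="Example Org (placeholder)"
PREFIX="org.example.hardening"   # placeholder reverse-DNS profile identifier

# One payload dict: type, identifier suffix, UUID, then the payload's own keys
# already written as plist XML.
payload() {
  ptype="$1"; suffix="$2"; uuid="$3"; body="$4"
  cat <<EOF
    <dict>
      <key>PayloadType</key><string>$ptype</string>
      <key>PayloadIdentifier</key><string>$PREFIX.$suffix</string>
      <key>PayloadUUID</key><string>$uuid</string>
      <key>PayloadVersion</key><integer>1</integer>
$body
    </dict>
EOF
}

emit_profile() {
  cat <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>PayloadType</key><string>Configuration</string>
  <key>PayloadIdentifier</key><string>$PREFIX</string>
  <key>PayloadUUID</key><string>00000000-0000-4000-8000-000000000000</string>
  <key>PayloadVersion</key><integer>1</integer>
  <key>PayloadDisplayName</key><string>Baseline hardening (placeholder)</string>
  <key>PayloadOrganization</key><string>$ORG</string>
  <key>PayloadScope</key><string>System</string>
  <key>PayloadContent</key>
  <array>
EOF
  # Gatekeeper: assessment on, limited to App Store and identified developers.
  payload com.apple.systempolicy.control gatekeeper 00000000-0000-4000-8000-000000000001 \
'      <key>EnableAssessment</key><true/>
      <key>AllowIdentifiedDevelopers</key><true/>'
  # Kernel extensions: no user approval, and an empty Team ID allowlist means
  # no third-party kext loads at all.
  payload com.apple.syspolicy.kernel-extension-policy kext 00000000-0000-4000-8000-000000000002 \
'      <key>AllowUserOverrides</key><false/>
      <key>AllowedTeamIdentifiers</key><array/>'
  # Software Update: install XProtect/MRT configuration data and critical
  # security updates automatically.
  payload com.apple.SoftwareUpdate swupdate 00000000-0000-4000-8000-000000000003 \
'      <key>ConfigDataInstall</key><true/>
      <key>CriticalUpdateInstall</key><true/>'
  cat <<EOF
  </array>
</dict>
</plist>
EOF
}

# Platform-independent structural check: every <dict> is closed, and the
# number of Apple payloads is printed (expected 3). Returns 1 on imbalance.
profile_payload_count() {
  p="$(emit_profile)"
  opens="$(printf '%s\n' "$p" | grep -c '<dict>')"
  closes="$(printf '%s\n' "$p" | grep -c '</dict>')"
  [ "$opens" -eq "$closes" ] || return 1
  printf '%s\n' "$p" | grep -c '<key>PayloadType</key><string>com\.apple\.'
}

# Stand-alone use: write the file and, on macOS, lint it before signing.
if [ "${1:-}" = "--write" ]; then
  emit_profile > hardening.mobileconfig
  if command -v plutil >/dev/null 2>&1; then plutil -lint hardening.mobileconfig; fi
fi
```

Run it with --write to produce hardening.mobileconfig; on a Mac the result is linted with plutil before you sign it and commit it to the profile repo. The empty AllowedTeamIdentifiers array is the strictest setting; add a Team ID there only for a kext you have deliberately audited.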
FileVault needs three tweaks beyond the default. First, generate the institutional recovery key with fdesetup changerecovery -institutional and store it on an offline YubiKey 5C, never in iCloud. Second, disable the hibernation image entirely with pmset -a hibernatemode 0 and remove /var/vm/sleepimage; otherwise your FileVault key stays in RAM across suspend, and on the remaining Intel Macs cold boot attacks with PCILeech still work. Third, set pmset -a destroyfvkeyonstandby 1 standbydelaylow 60 standbydelayhigh 60 to force the key drop within 60 seconds. Combine this with the 3-2-1 backup strategy detailed in Disk Crypto and Backups: VeraCrypt, LUKS and a Resilient 3-2-1 Strategy.
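The audit script below is an added example, not code from the article: it reads pmset -g output, reports which of the power settings above are still at their defaults, and applies the article's commands only when run with --apply on a Mac. The pmset -g text embedded in it is constructed to show the shape of the output; point it at the real machine to audit it.

```bash
#!/bin/bash
# Added example, not part of the article: check a Mac's power settings against
# the values the text sets (hibernation image off, FileVault key destroyed
# 60 s into standby) from `pmset -g` output, and apply them only when asked.
# The two sample outputs below are constructed.

# name=value pairs the text requires
REQUIRED="hibernatemode=0 destroyfvkeyonstandby=1 standbydelaylow=60 standbydelayhigh=60"

# stdin: `pmset -g` text. Prints one line per setting that is absent or wrong,
# as "name wanted=X got=Y" (got=unset when absent). Always returns 0.
audit_pm_settings() {
  input="$(cat)"
  for pair in $REQUIRED; do
    name="${pair%%=*}"; want="${pair#*=}"
    got="$(printf '%s\n' "$input" | awk -v n="$name" '$1 == n { print $2; exit }')"
    [ -n "$got" ] || got="unset"
    [ "$got" = "$want" ] || printf '%s wanted=%s got=%s\n' "$name" "$want" "$got"
  done
}

# Constructed sample in the shape of `pmset -g` on a laptop at defaults.
SAMPLE_DEFAULT='System-wide power settings:
Currently in use:
 standby              1
 hibernatemode        3
 destroyfvkeyonstandby 0
 standbydelaylow      10800
 standbydelayhigh     86400
 sleep                1'

# Constructed sample after the three pmset commands from the text.
SAMPLE_HARDENED='Currently in use:
 hibernatemode        0
 destroyfvkeyonstandby 1
 standbydelaylow      60
 standbydelayhigh     60'

# Number of findings for each sample (4 before hardening, 0 after).
default_findings()  { printf '%s\n' "$SAMPLE_DEFAULT"  | audit_pm_settings | wc -l | tr -d ' '; }
hardened_findings() { printf '%s\n' "$SAMPLE_HARDENED" | audit_pm_settings | wc -l | tr -d ' '; }

# Live mode (macOS only): audit the real machine and, with --apply, run the
# article's commands as root and remove the stale hibernation image.
if command -v pmset >/dev/null 2>&1; then
  pmset -g | audit_pm_settings
  if [ "${1:-}" = "--apply" ]; then
    sudo pmset -a hibernatemode 0
    sudo pmset -a destroyfvkeyonstandby 1 standbydelaylow 60 standbydelayhigh 60
    sudo rm -f /var/vm/sleepimage
    pmset -g | audit_pm_settings
  fi
fi
```

A clean run prints nothing; each line it does print is a setting still at its default, which is the state you want to catch after a macOS update or a profile removal.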
Attack surface reduction means killing daemons you do not use. Run sudo launchctl list | wc -l on a fresh Mac: typically 280+ services are running. Disable the ones you do not need with launchctl disable system/<label>, for example com.apple.AirPlayXPCHelper, com.apple.rapportd, com.apple.sharingd, com.apple.familycircled, and com.apple.bluetoothd if you use wired headphones. For telemetry, edit /Library/Application Support/CrashReporter/DiagnosticMessagesHistory.plist and use Little Snitch or LuLu to block the endpoints diagnostics-d.apple.com, gateway.icloud.com and xp.apple.com. Careful: blocking ocsp.apple.com breaks notarization checks and can stall signed apps. Document every block with its rationale, the same way we recommend in Linux Server Hardening: Applying CIS Benchmark Without Breaking Production.
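An added example for this step, not the article's own tooling: it reports which of the listed services are still loaded from launchctl list output, prints the matching launchctl disable commands for review before anything runs, and refuses to build a block list that contains ocsp.apple.com. The launchctl list text it embeds is constructed.

```bash
#!/bin/bash
# Added example, not from the article: audit helpers for the attack surface
# reduction step. loaded_targets reads `launchctl list` output and reports which
# of the services named in the text are still loaded; disable_commands turns that
# into reviewable commands; build_blocklist refuses the one endpoint the text
# warns about. The sample `launchctl list` text is constructed.

# Services the text disables (bluetoothd only if you use wired headphones).
TARGETS="com.apple.AirPlayXPCHelper com.apple.rapportd com.apple.sharingd com.apple.familycircled com.apple.bluetoothd"

# stdin: `launchctl list` output (PID, status, label). Prints the labels from
# TARGETS that are still present, one per line, in TARGETS order.
loaded_targets() {
  input="$(cat)"
  for label in $TARGETS; do
    printf '%s\n' "$input" | awk -v l="$label" '$3 == l { found=1 } END { exit !found }' \
      && printf '%s\n' "$label"
  done
  return 0
}

# stdin: labels, one per line. Prints the disable command for each so the list
# can be reviewed and committed next to its rationale before running it.
# (Labels that load from /System/Library/LaunchAgents live in the per-user
# domain instead; for those the target is user/$(id -u)/<label>.)
disable_commands() {
  while IFS= read -r label; do
    [ -n "$label" ] && printf 'sudo launchctl disable system/%s\n' "$label"
  done
  return 0
}

# Prints the telemetry hosts to block, one per line. Returns 1 and prints
# nothing on stdout if ocsp.apple.com is among them, since blocking it stalls
# signed apps waiting on Developer ID revocation checks.
build_blocklist() {
  for host in "$@"; do
    case "$host" in
      ocsp.apple.com|*.ocsp.apple.com)
        printf 'refusing to block %s: breaks notarization checks\n' "$host" >&2
        return 1 ;;
    esac
  done
  printf '%s\n' "$@"
}

# Constructed sample in the shape of `launchctl list` after partial hardening:
# rapportd and familycircled already gone, three targets still running.
SAMPLE_LIST='PID     Status  Label
412     0       com.apple.AirPlayXPCHelper
-       0       com.apple.sharingd
539     0       com.apple.bluetoothd
77      0       com.apple.cfprefsd.xpc.agent'

sample_loaded_count() { printf '%s\n' "$SAMPLE_LIST" | loaded_targets | wc -l | tr -d ' '; }

# Live mode (macOS only): print, do not run, the commands for the real machine.
if [ "$(uname 2>/dev/null)" = "Darwin" ]; then
  sudo launchctl list | loaded_targets | disable_commands
fi
```

Keep the printed disable commands with the rationale for each service in the same signed repo as the MDM profiles; the block-list guard exists so that a copy-pasted "block everything Apple" list never takes ocsp.apple.com down with it.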
Browser and mail deserve their own chapter. Use Safari with Lockdown Mode for banking and real accounts, and Firefox with containers plus uBlock Origin for research. Never install Chrome extensions from unaudited sources: the ecosystem had 35 malicious extensions removed in January 2025, several with more than 100,000 installs. For email, disable remote image loading in Mail.app (Preferences > Viewing > Load remote content) and use Apple Mail Privacy Protection only if you accept routing through Apple proxies. For sensitive comms, move to Signal or SimpleX based on our evaluation in Comms OPSEC: Signal, SimpleX and Session Technically Compared.
Finally, monitor. Install Google's Santa in MONITOR mode for a week first, then switch to LOCKDOWN with a binary allowlist. Configure unified log queries to detect XProtect and MRT trigger events: log show --predicate 'subsystem == "com.apple.xprotect"' --last 7d. That reactive investigation is detailed in macOS Incident Forensics: UnifiedLogs, FSEvents and AULR in Practice. Practical takeaway: no single measure stops a well-funded adversary, but the combination Lockdown Mode + signed MDM profile + FileVault with YubiKey + Santa in lockdown + Little Snitch + zeroed sleepimage raises the exploitation cost from 4 digits to 6 digits. That is exactly the point at which you drop off the menu of viable targets.
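As an added example, not part of the article, the script below parses the default output of that log show query into one record per line and summarises events per process, separating routine scans from lines that indicate a hit. The log lines inside it are constructed to match the column layout of log show output, and the message wording is an assumption; match the detection filter to what your own logs say.

```bash
#!/bin/bash
# Added example, not part of the article: turn the default output of
# `log show --predicate 'subsystem == "com.apple.xprotect"' --last 7d` into
# "timestamp|process|subsystem:category|message" records and summarise them,
# so a weekly review shows when XProtect or MRT actually fired rather than
# merely ran. The sample lines are constructed in the layout of `log show`
# output; their message text is invented.

# stdin: raw `log show` lines. Lines without a [subsystem:category] tag
# (the header, wrapped continuation lines) are dropped. Column positions
# follow the default layout: date, time, thread, type, activity, PID, TTL,
# then "process: (library) [subsystem:category] message".
parse_log() {
  awk '
    /\[[A-Za-z0-9.]+:[A-Za-z0-9._-]*\]/ {
      ts = $1 " " $2
      proc = $8; sub(/:$/, "", proc)
      i = index($0, "["); rest = substr($0, i + 1)
      j = index(rest, "]")
      tag = substr(rest, 1, j - 1)
      msg = substr(rest, j + 1); sub(/^ +/, "", msg)
      print ts "|" proc "|" tag "|" msg
    }'
}

# stdout: "process count", most frequent process first.
events_per_process() {
  parse_log | cut -d'|' -f2 | sort | uniq -c | sort -rn | awk '{ print $2, $1 }'
}

# Only records whose message indicates a hit rather than a routine scan.
# The words matched here are an assumption; adjust them to your real logs.
detections() {
  parse_log | grep -i -E 'detected|quarantined|removed'
}

SAMPLE_LOG='Timestamp                       Thread     Type        Activity             PID    TTL
2025-01-13 08:02:11.301211+0100 0x2a1c     Default     0x0                  612    0    XProtectService: (XProtectFramework) [com.apple.xprotect:XProtectService] Scan of /Applications/Foo.app completed, no threats
2025-01-14 03:15:42.008877+0100 0x3b02     Default     0x0                  845    0    XProtectRemediator: (XProtectRemediator) [com.apple.xprotect:Remediator] Module Adload run, nothing to remediate
2025-01-15 22:40:09.552310+0100 0x4c71     Default     0x0                  612    0    XProtectService: (XProtectFramework) [com.apple.xprotect:XProtectService] Threat detected in /Users/alice/Downloads/invoice.dmg, quarantined
2025-01-16 03:15:40.120004+0100 0x5d19     Default     0x0                  901    0    XProtectRemediator: (XProtectRemediator) [com.apple.xprotect:Remediator] Module Pirrit run, removed 3 files
2025-01-17 09:11:30.774120+0100 0x6e02     Default     0x0                  612    0    XProtectService: (XProtectFramework) [com.apple.xprotect:XProtectService] Scan of /Applications/Bar.app completed, no threats'

# Results for the constructed sample: 2 detections, XProtectService on top with 3 events.
sample_detection_count() { printf '%s\n' "$SAMPLE_LOG" | detections | wc -l | tr -d ' '; }
sample_top_process()     { printf '%s\n' "$SAMPLE_LOG" | events_per_process | head -n 1; }

# Live mode (macOS only): run the article's query and summarise the last week.
if [ "$(uname 2>/dev/null)" = "Darwin" ]; then
  log show --predicate 'subsystem == "com.apple.xprotect"' --last 7d | events_per_process
  log show --predicate 'subsystem == "com.apple.xprotect"' --last 7d | detections
fi
```

The per-process count is the baseline: a week in which XProtectRemediator modules ran but detections stayed at zero is the normal state, and a non-zero detection count is what justifies opening the forensic workflow from the incident article.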