Workshop is a macOS endpoint protection platform built around Santa, an open-source macOS security agent originally developed at Google and now maintained by North Pole Security. The platform provides application allowlisting and execution control for macOS fleets, combining Santa's binary authorization capabilities with an enterprise-grade management layer. Core protection mechanisms: - Binary Authorization: Controls which software is permitted to execute on managed endpoints - File Access Authorization: Restricts access to sensitive files to block infostealer-style attacks - USB/SD Blocking: Prevents data exfiltration through removable media - Rich Telemetry: Captures and surfaces system security events with full audit trails Allowlisting and approval workflows: - Self-Service Approval: Allows designated users to approve low-risk software requests directly - Designated Approvers: Routes software requests to specific individuals, with support for multi-approver requirements - Social Voting: Enables community-based approval decisions for collaborative team environments - Per-team workflows: Distinct approval processes can be assigned to different teams Risk and threat intelligence: - A customizable risk engine evaluates software requests - Threat intelligence integrations assist in approval decisions Audit and compliance: - Complete audit trails record every approval decision and enforcement action - Reporting tools provide visibility into fleet security posture Workshop is positioned for enterprise macOS fleets and is built by the team that maintains the Santa open-source project.