Santa is a binary and file access authorization system for macOS. It consists of a system extension that monitors for executions, a daemon that makes execution decisions based on the contents of a local database, a GUI agent that notifies the user in case of a block decision, and a command-line utility for managing the system and synchronizing the database with a server. It is named Santa because it keeps track of binaries that are naughty or nice. Docs: The Santa docs are stored in the Docs directory and are published at https://santa.dev. The docs include deployment options, details on how parts of Santa work, and instructions for developing Santa itself. Get Help: If you have questions or otherwise need help getting started, the santa-dev group is a great place. If you believe you have a bug, feel free to report an issue, and we'll respond as soon as we can. If you believe you've found a vulnerability, please read the security policy for disclosure reporting.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A library to access and parse the Microsoft Internet Explorer Cache File format.
A comprehensive utility that shows what programs are configured to run during system bootup or login, and when you start various built-in Windows applications.
A lightweight malware detection and removal tool that provides real-time protection against complex attacks while preserving system resources.
A robust endpoint security solution that offers data security, network security, and advanced threat prevention, all managed from a single console to protect your devices and data.
Event Log Explorer is a software solution for viewing, analyzing, and monitoring events recorded in Microsoft Windows event logs, offering advanced features and efficient filtering capabilities.
A simple ransomware protection that intercepts and kills malicious processes attempting to delete shadow copies using vssadmin.exe.
Deep Instinct is a predictive prevention platform that uses deep learning to prevent unknown threats, including ransomware and zero-day malware, from infiltrating storage environments, applications, and endpoints.
A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.