Rigorous Endpoint Protection with Google Santa.

With Zentral you get a clear pathway to implement Application Allowlisting without having to reinvent the wheel.

The nuts and bolts of endpoint security.

Application Allowlisting is an important Protect (or similar) function of security frameworks. NIST has a detailed guide dedicated to planning and implementing of allowlisting technologies throughout the security deployment lifecycle.

The Binary Authorization Module stops the execution of malware, unlicensed software, and other unauthorized software on endpoints of your fleet. Unlike, say, antivirus software, which blocks known bad activity and permits all other, binary authorization is designed to permit known good activity and block all other.

Successful implementation of Application Allowlisting requires a phased approach: Start by blocking and allowing known apps first while monitoring all other processes. Then, once you are more confident, switch to a stricter mode of operation. Ultimately, only approved apps are allowed.

Approved by Google and tested millions of times.

Zentral facilitates Application Allowlisting through Santa, an open source binary authorization system that Google developed for their fleet of macOS Endpoints. It is called Santa because it keeps track of binaries that are naughty or nice.

Santa was a pioneering piece of software when it released in 2014, and has been actively maintained since. Santa adopted the macOS Endpoint Security framework much earlier than commercial solutions and continues to improve with new features.

Zentral directs Santa as a sync server to dynamically configure the agent and to collect the events it logs.

Great observability and strong reporting capabilities.

With Zentral you can create comprehensive reports automatically, you can export rules and incident metrics and you can build custom dashboards to keep you and stakeholders informed accurately. App execution events are normalized and shipped to your favorite event stores so you can keep a record of anything that ever happened on your Macs. Zentral lets you measure how effective your setup is performing without having to look in different places:

  • See how many and how often unknown apps are being allowed or blocked
  • Graph agent enrollments
  • See configuration issues

Our Enterprise Plan helps you succeed with:

Santa deployment.

We manage the Santa agent with macOS configuration, Zentral enrollment, and upgrades.

Santa configuration.

We configure Santa based on your requirements and guide you to towards tight Allowlisting

Santa reporting.

We turn events into metrics and dashboards for real-time reporting

Like to try Binary Authorization with Zentral?

Discover our guided test environment program to see how we make it work (it's free!)

Request access