Launched this week
fort
One command to audit and fix your Mac's security
122 followers
One command to audit and fix your Mac's security
122 followers
Most Mac security tools need agents, signups, or MDM. fort doesn't. One command checks 15+ security settings: FileVault, SIP, firewall, screen lock, local admin rights, Gatekeeper, SSH, AirDrop and more. Reports a score and fixes most issues automatically. Single binary. No telemetry. MIT licensed. Perfect for developers hardening their own Mac, and for teams preparing for SOC 2 or ISO 27001 without the MDM overhead. brew install djadmin/tap/fort
fort
Hey PH, Long time π
Every month, before a compliance audit, I found myself asking the same question:
"Is my Mac actually configured securely?"
The answer usually meant digging through system settings, running terminal commands I could never remember, and manually collecting evidence.
So I built a small tool called fort: https://github.com/djadmin/fort
fort checks your Mac against common security best practices, helps fix issues with your approval, and generates a report you can use for compliance and audit evidence.
It is designed for founders, developers, consultants, and small teams who want confidence that their devices are secure without the complexity of managing an MDM.
A few things I cared about:
* No accounts or signups
* No telemetry or tracking
* No agents running in the background
* Complete transparency into every check
I built it for myself, but I am sharing it in case it helps others dealing with security reviews, compliance requirements, or simply wanting a more secure Mac.
Would love your feedback and ideas on where to take it next π
https://djadmin.github.io/fort
This is cool trying to recall and make sure to check basic security settings is hard to always keep in mind and I feel like this is very relevant today with the high risk with AI agents. I like that you kept this lightweight and private as well avoiding a heavy MDM solution. How do you handle the case where you may need a system reboot or elevated permissions that could temporarily disrupt a local environment?
fort
@lavaman131Β Thanks, really glad it resonates, and yeah, that's exactly why I wanted to keep it local and lightweight.
Good question btw. fort only auto-fixes things that apply instantly, so no reboots. The riskier stuff like FileVault and SIP it won't change on its own, it just flags those so you can decide. And anything that needs sudo, it shows you the command and asks first (or you can use --dry-run to just preview). So it stays out of your way.
What was your score, if you don't mind sharing? Curious if it caught anything useful.