Insights, updates, and expert analysis from the North Pole Security team.
RSSSanta now supports Touch ID verification before execution. Create CEL rules that require biometric confirmation for sensitive operations like browser debugging mode.
Santa v2026.1 introduces several significant features, including the ability to gate execution behind TouchID, block mounting network shares, a menu bar item for interacting with Santa without a terminal, co-branding, and more.
Workshop v2026.1 introduces several significant features, including package rules, the ability to gate execution behind TouchID, network mount blocking, and more.
Package Rules automates the tedious work of maintaining allowlists for Homebrew, npm, Cargo, and other package managers. Workshop now keeps your execution rules current so your developers can use the tools they need.
Discover 25 production-ready Santa rules inspired by actual macOS malware. Each day reveals a new CEL or FAA configuration to protect against threats like Atomic Stealer and threat campaigns targeting credentials, persistence, and data exfiltration.
A new, private sync protocol has been introduced for Workshop customers that allows for faster feature delivery and iteration.
Join us as we reflect on North Pole Security's first year, highlighting our achievements, challenges, and the dedicated team behind our success.
North Pole Security raises $4M in seed funding to accelerate development of Workshop, a proactive, prevention-first endpoint security platform for macOS that uses advanced allowlisting to stop threats before they run