News from the North Pole

Insights, updates, and expert analysis from the North Pole Security team.

RSS

Product•March 4, 2026

Telemetry, Rebuilt

Export Santa’s incredible telemetry stream to Workshop and query it directly from the Workshop UI using regular SQL.

By Russell Hancox

Releases•March 3, 2026

Announcing Workshop 2026.2

Workshop v2026.2 introduces Chat with Workshop, Ancestor-based CEL policies, improved Telemetry export & querying, and much more!

By Russell Hancox

Releases•March 3, 2026

Announcing Santa 2026.2

Santa v2026.2 introduces several significant features, including process-tree-aware rules, network monitoring and statistics, telemetry export filters, and more.

By Matthew White

Product•February 3, 2026

Announcing Touch ID - Santa Checks Twice (with your Fingerprint)

Santa now supports Touch ID verification before execution. Create CEL rules that require biometric confirmation for sensitive operations like browser debugging mode.

By Pete Markowsky

Releases•January 29, 2026

Announcing Santa 2026.1

Santa v2026.1 introduces several significant features, including the ability to gate execution behind TouchID, block mounting network shares, a menu bar item for interacting with Santa without a terminal, co-branding, and more.

By Matthew White

Releases•January 29, 2026

Announcing Workshop 2026.1

Workshop v2026.1 introduces several significant features, including package rules, the ability to gate execution behind TouchID, network mount blocking, and more.

By Russell Hancox

Announcements•January 20, 2026

Introducing Package Rules

Package Rules automates the tedious work of maintaining allowlists for Homebrew, npm, Cargo, and other package managers. Workshop now keeps your execution rules current so your developers can use the tools they need.

By Pete Markowsky

Advent Calendar•December 25, 2025

North Pole Security Advent Calendar: 25 Days of macOS Protection

Discover 25 production-ready Santa rules inspired by actual macOS malware. Each day reveals a new CEL or FAA configuration to protect against threats like Atomic Stealer and threat campaigns targeting credentials, persistence, and data exfiltration.

By Pete Markowsky

Announcements•October 30, 2025

Introducing a Private Sync Protocol for Workshop Customers

A new, private sync protocol has been introduced for Workshop customers that allows for faster feature delivery and iteration.

By Pete Markowsky

Announcements•October 9, 2025

One Year of North Pole Security

Join us as we reflect on North Pole Security's first year, highlighting our achievements, challenges, and the dedicated team behind our success.

By Pete Markowsky

Announcements•July 30, 2025

North Pole Security Raises $4M to Reimagine Endpoint Security for macOS

North Pole Security raises $4M in seed funding to accelerate development of Workshop, a proactive, prevention-first endpoint security platform for macOS that uses advanced allowlisting to stop threats before they run

By Pete Markowsky