Every capability, on one platform.
AI chat, approval workflows, package rules, risk intelligence, file access authorization, telemetry, and more. Explore every feature Workshop layers on top of Santa.
The platform
One open-source core. Add power as you need it.
Santa protects every Mac at the core. Each North Pole add-on wraps another layer of capability around it, without replacing what is underneath.
- Santa (open-source core): Binary authorization and file access control on every Mac. Free and open source.
- Workshop (adds the platform): Central console, approval workflows, risk engine, and policy at fleet scale. A dramatic step up in power.
- Santa Networking (adds network): Per-process netflow visibility and network blocking.
- Santa Telemetry (adds detection): On-host detections (Signals) and telemetry export.
Comparison
Santa vs Workshop, capability by capability
Considering open-source Santa on its own versus Santa with North Pole's Workshop? Santa gives you a strong security foundation on every Mac. Workshop builds on that with centralized management, automation, and the operational tooling that security teams need to run it at scale.
Binary authorization
| Capability | Santa | Workshop |
|---|---|---|
| Monitor, Lockdown, and Standalone modes: Start by logging what runs, then move to default-deny at your own pace. | | |
| On-demand monitor mode: Grant a user a temporary, auto-reverting Lockdown bypass for a set window. | | |
| Allow / block rules: Allow or block one app or a whole publisher by SHA-256, Signing ID, Certificate, CDHash, or Team ID. | | |
| Transitive / compiler rules: Auto-trust everything your approved compilers build so developers aren't blocked. | | |
| Block by Entitlement: Block whole categories of apps without maintaining a list, such as anything requesting a given entitlement. | | |
| Sandbox rules: Force risky apps to run inside a restrictive sandbox instead of blocking them outright. | | |
| Rule sharing: Reuse curated rule sets across the fleet instead of rebuilding them per team. | | |
| Block by argument and environment variable: Catch abuse of trusted binaries by inspecting the argv and environment they run with. | | |
| TouchID requirement via CEL: Require a biometric tap before sensitive binaries are allowed to run. | | |
| Process tree CEL evaluation: Allow a binary only when the right ancestors launched it, blocking abuse from untrusted parents. | | |
Package rules
| Capability | Santa | Workshop |
|---|---|---|
| Package manager allowlisting: Auto-approve trusted developer tooling from Homebrew, npm, Cargo, GitHub Releases, and more. | | |
| Version filtering: Allow only the package versions you have vetted. | | |
| Scheduled package syncs: Keep allowlists current automatically as packages publish new releases. | | |
File access authorization
| Capability | Santa | Workshop |
|---|---|---|
| File Access Authorization policy support: Control which processes can read or write sensitive files, not just which can run. | | |
| Glob path support: Protect whole directories and patterns instead of listing files one by one. | | |
| Credential protection: Stop infostealers from reading browser cookies, SSH keys, and keychains. Workshop adds managed presets and central delivery. | Partial | |
| File Access Rules via sync: Push and update file-access policy across the fleet from one place. | | |
| File Access Rules block event upload: See every blocked file-access attempt in the console. | | |
Removable media
| Capability | Santa | Workshop |
|---|---|---|
| USB / SD card blocking: Stop data from walking out on mass-storage devices. | | |
| Read-only remount with flags: Let a device mount read-only so data can be read but not copied off. | | |
| Separate policy for encrypted volumes: Apply different rules to encrypted media than to unencrypted devices. | | |
| Device details in telemetry: Record device model, vendor, and encryption state for each mount attempt. | | |
| Removable media event upload: Surface every USB and SD mount attempt in the console for investigation. | | |
Network
| Capability | Santa | Workshop |
|---|---|---|
| Network share / mount blocking: Block network shares from mounting, with an allowlist of trusted hosts. | | |
| Network telemetry: See the network connections every process makes. | | |
| Process-level netflow visibility: Attribute each network flow to the exact process that opened it. | | |
| Network blocking: Block connections by process, destination, or port. (Coming soon) | | |
Approval workflows
| Capability | Santa | Workshop |
|---|---|---|
| Self-service approval: Let trusted users approve their own low-risk software without a ticket. | | |
| Designated approvers: Route requests to managers or specific teams for sign-off. | | |
| Social voting: Let colleagues vouch for software, the model Google ran across 100,000+ Macs. | | |
| Slack bot integration: Approve requests where your team already works. | | |
Risk engine
| Capability | Santa | Workshop |
|---|---|---|
| VirusTotal integration: Auto-check unknown binaries against VirusTotal before approval. | | |
| ReversingLabs integration: Screen binaries against ReversingLabs threat intelligence. | | |
| Blockable rules plugin: Flag entire classes of software with your own CEL expressions. | | |
| Custom risk plugins: Plug in your own threat feeds over HTTP. | | |
| Risk engine exceptions: Grant time-boxed exceptions per tag when you need them. | | |
| Flag blockables as malicious: Halt every approval path the moment a binary is flagged. | | |
Threat detection
| Capability | Santa | Workshop |
|---|---|---|
| On-host detections (Signals): Catch suspicious behavior on the endpoint, not just at execution time. | | |
Telemetry and event export
| Capability | Santa | Workshop |
|---|---|---|
| Protobuf telemetry logging: Capture structured, compact telemetry for every relevant event. | | |
| Parquet export format: Land telemetry in a columnar format ready for analytics. | | |
| Telemetry upload: Ship telemetry off-host without standing up your own pipeline. | | |
| Telemetry querying: Search and slice endpoint activity from the console. | | |
| Telemetry filtering expressions: Redact or drop sensitive fields before telemetry leaves the host. | | |
| Event analytics: Spot trends across executions and approval workflows. | | |
Fleet management and response
| Capability | Santa | Workshop |
|---|---|---|
| Rapid policy delivery: Push new rules to the fleet in seconds, not on the next sync interval. | | |
| Push sync trigger: Force an immediate sync instead of waiting for the timer. | | |
| Agent ping: Confirm a host is online and reachable in real time. | | |
| Remote process termination: Kill a running process across managed hosts remotely. | | |
| Binary retrieval from host: Pull a suspicious binary off a host for analysis. | | |
| Application inventory: See what's installed across every managed Mac. | | |
Administration console
| Capability | Santa | Workshop |
|---|---|---|
| Web dashboard: Manage hosts, rules, and events from one browser console. | | |
| Tag-based policy system: Target policy by tag with predictable, ordered precedence. | | |
| Reports and analytics: Track lockdown readiness, risky entitlements, and top blockables. | | |
| Comprehensive audit log: See every change, who made it, and what it altered. | | |
| Full API coverage: Automate any Workshop operation over a gRPC/Connect API. | | |
| MCP server: Let LLM tools query and manage Workshop directly. | | |
| AI chat: Ask questions of your fleet data in plain English. | | |
Identity and access
| Capability | Santa | Workshop |
|---|---|---|
| SSO authentication: Sign in with your existing identity provider. | | |
| Directory sync (SCIM): Keep users and groups in sync with your IdP automatically. | | |
| Role-based access control: Give each admin only the permissions they need. | | |
| Multi-party approval: Require two admins for destructive actions like deleting API keys. | | |
Security and platform
| Capability | Santa | Workshop |
|---|---|---|
| Anti-tamper protections: Protect rules, event databases, and sync state from tampering. | | |
| macOS 14+ support: Validated through the latest macOS, including Tahoe 26. | | |
| Automatic updates: Keep Workshop itself current automatically within configured maintenance windows. | | |
Workshop capabilities
Everything Workshop adds to Santa
Santa is a powerful open-source security agent on its own, but running it across a fleet of Macs is a different challenge. Workshop adds the management console, approval workflows, threat intelligence, and telemetry that make Santa practical and livable at enterprise scale.
- AI Chat: Query events, manage rules, investigate issues in plain English.
- Approval Workflows: Lockdown without the lockup. Self-service, manager, voting, and Slack-native.
- Execution Rules: Block one app or whole categories at once. Match by entitlement, Team ID, CEL, and more, with no list to maintain.
- File Access Authorization: Stop infostealers from reaching browser cookies, SSH keys, and credentials.
- Package Rules: Auto-allowlist Homebrew, npm, Cargo, GitHub Releases, and more.
- Removable Media Control: Block USB, FireWire, and network mounts that exfiltrate data.
- Risk Engine: Pre-screen every binary against VirusTotal, ReversingLabs, and your own logic.
- Social Voting: Peer consensus instead of a ticket queue.
- Telemetry & EDR: Every execution, every file access, every block. Stream it to your SIEM.
Platform
See the whole platform in action
Santa secures every Mac. Workshop turns it into a managed platform with the console, automation, and operational tooling security teams need at scale.
Frequently asked questions
How do approval workflows keep teams productive in Lockdown mode?
Workshop offers multiple approval paths so users aren't stuck waiting on a single security team. Self-service approvals let users approve low-risk software themselves. Designated approvers route requests to team leads or managers. Social voting, the same approach Google used across 100,000+ Macs, lets colleagues vouch for software they trust. Slack integration means approvals happen where your team already works.
What are Package Rules?
Package Rules automate allowlisting for developer tools and package managers. Workshop automatically tracks and approves binaries from Homebrew, npm, Cargo, GitHub Releases, VS Code extensions, Terraform plugins, and more. Version filtering and scheduled syncs keep your allowlist current without manual rule creation.
How does the Risk Engine assess new binaries?
When Workshop encounters an unknown binary, the Risk Engine evaluates it against multiple threat intelligence sources. Built-in plugins query VirusTotal and ReversingLabs for known malware signatures and reputation data. You can also build custom webhook plugins to integrate your own threat intel feeds. The Risk Engine assigns a risk score that can drive automatic allow or block decisions.
Can Workshop protect files, not just binaries?
Yes. File Access Authorization controls which processes can read or write specific files on disk. You can protect browser cookies, SSH keys, keychains, and source code from infostealers by restricting access to only the apps that legitimately need it. Even if a malicious binary somehow runs, it cannot access the files you've protected.
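As an added illustration, not the page's or Santa's own configuration, here is a Santa File Access Authorization watch-items policy of the kind this answer describes: every user's SSH directory becomes readable only by Apple's platform ssh tools and one hypothetical Team-ID-signed internal tool, rolled out audit-only first so the policy is logged before it is enforced. The key names follow the Santa FAA plist format as understood here and should be checked against the Santa documentation before use; the Team ID, Signing ID, and tool name are constructed placeholders.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <!-- Illustrative watch-items policy; key names assumed from the Santa FAA format,
       verify against the Santa docs. Referenced from the Santa config via the
       file-access policy path setting. -->
  <key>Version</key>
  <string>v1</string>
  <key>WatchItems</key>
  <dict>
    <key>SSHKeyMaterial</key>
    <dict>
      <!-- Glob covers every user's home; IsPrefix protects everything under .ssh/ -->
      <key>Paths</key>
      <array>
        <dict>
          <key>Path</key>
          <string>/Users/*/.ssh/</string>
          <key>IsPrefix</key>
          <true/>
        </dict>
      </array>
      <key>Options</key>
      <dict>
        <!-- Infostealers read, they rarely write: deny reads, not only writes. -->
        <key>AllowReadAccess</key>
        <false/>
        <!-- Audit-only first (log, do not block), the Monitor-then-Lockdown pattern. -->
        <key>AuditOnly</key>
        <true/>
      </dict>
      <!-- Only processes matching an entry below may access the paths above. -->
      <key>Processes</key>
      <array>
        <dict>
          <!-- Apple's ssh client, pinned by path and platform-binary status. -->
          <key>BinaryPath</key>
          <string>/usr/bin/ssh</string>
          <key>PlatformBinary</key>
          <true/>
        </dict>
        <dict>
          <!-- Hypothetical internal key-sync tool, pinned by Team ID and Signing ID
               (placeholders), not by path, so a copied binary cannot impersonate it. -->
          <key>TeamID</key>
          <string>EXAMPLETID</string>
          <key>SigningID</key>
          <string>com.example.secretsync</string>
        </dict>
      </array>
    </dict>
  </dict>
</dict>
</plist>
```

Once the audit log shows only expected readers, flipping AuditOnly to false turns the same rule into an enforced block, which is the transition the next FAQ answer describes for binaries.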
What is the difference between Monitor mode and Lockdown mode?
Monitor mode allows all executions but logs everything, giving you full visibility into what's running across your fleet. Lockdown mode blocks any binary that isn't explicitly approved. Most organizations start in Monitor to build their allowlist and understand their software landscape, then move to Lockdown once they're confident in their rules. Workshop makes this transition gradual with risk scoring and approval workflows.