Bit9 for Mac

Bit9 for Mac is the only advanced threat protection solution for endpoints and servers that continuously monitors and records all activity on desktops, laptops and servers while also stopping targeted, advanced threats and zero-day attacks that specifically threaten Macs.

When compared to traditional security tools, Bit9 for Mac is more effective in detecting and protecting Macs used in business from advanced threats and targeted attacks because it does NOT rely on threat signatures for identification. And, Bit9 for Mac integrates with network security devices such as FireEye and Palo Alto Networks to accelerate incident response and ensure all files arriving on endpoints and servers are safe.
With Bit9 for Mac, the Bit9 Security Platform is the first advanced threat protection solution for endpoints and servers to provide a single, integrated management console that supports both Mac and Windows assets.

Why does your organization need Bit9 for Mac?

Your business users are calling for increased usage of Mac desktops and laptops and your once Windows-centric IT infrastructure is changing. More concerning is the recent surge in malware attacks targeting Macs in the business. You know that the Mac is a vulnerable entrée into your enterprise network.

With Bit9 for Mac, you can support your executives’ and employees’ desire to use Macs while maintaining the level of security required in today’s computing environment:

Bit9 for Mac delivers:

  • Immediate visibility to everything running on Mac endpoints and servers in order to identify untrusted software and protect your organization’s trade secrets and IP.
  • Real-time signature-less detection and prevention of today’s advanced threats and zero-day attacks that target the Mac platform.
  • A recorded history of all endpoint and server activity to accelerate response.
  • The ability to close gaps in an organization’s compliance program created by user demand for the Mac platform.

Highlighted Features of Bit9 for Mac


Know what’s running on every Mac OS X device—right now.

  • Real-time Intelligence. A single console provides a live inventory of everything that executes on any of your Mac endpoints.
  • Active Monitoring. Track—in real time—where files are first seen, if they propagated to other machines, if they executed, etc.
  • Reputation ratings. Immediately see the Bit9 trust rating for files on your system. Have they been seen before? Are they malicious? Can you trust them?


Get real-time, signature-less detection of advanced threats and zero-day attacks.

  • Advanced Threat Indicators (ATIs). Monitor and examine files, registry, processes and memory execution, to identify potential compromise or infection.
  • See Untrusted Files. Spot suspicious files without relying on signatures or blacklists.
  • Detect Suspicious Behavior. Recognize when advanced attacks are occurring, such as memory violations, suspicious process behavior, configuration changes, operating system tampering and more. No testing and updating .dat files.


Stop untrusted software from executing.

  • Banning. Block the execution of any executable on any or all Macs with a single click.
  • Policy-based enforcement. Define the software you trust and treat everything else as suspicious.
    • Low enforcement. Inform the IT Security Team about the suspect software but allow it to run uninterrupted.
    • Medium enforcement. Ask the Mac user on whose machine the suspicious software is trying to run and if the execution should be allowed. The user’s decision only affects their machine.
    • High enforcement. Block the execution of any untrusted software until the IT Security Team formally reviews and approves it.
  • Advanced Script Protection. Track and approve ban scripts as well as executables.


A full audit trail for immediate analysis and remediation.

  • “Go back in time.” From a central console, see what software arrived on any computer, what created it, if it executed, what it did, if it deleted itself, etc.
  • Analyze history. Quickly determine exactly when a malicious file executed as well as the number of times it executed and on what systems.
  • Isolate untrusted software. Instantly filter out the “trusted” software to isolate the “untrusted” software without sifting through all your software to find bad files.
  • Determine a file’s trust rating. With Bit9 Cloud-based Software Reputation Service, you can obtain Bit9’s detailed information about a file’s trust rating, which is based on attributes such as age, prevalence, source, etc.

Network Security Integration

A first-of-its-kind integration with network security solutions such as FireEye and Palo Alto Networks for accelerated incident response and remediation.

  • Alert Prioritization. Automatically correlate network security alerts with Bit9’s real-time endpoint sensor and recorder data to determine which alerts are actionable.
  • Real-time Threat Detection. Locate every instance of a suspicious file across your endpoints and servers to accelerate incident response.
  • On-Demand Analysis & Remediation. Automatically submit all new files arriving on your endpoints and servers to network security appliances to immediately stop malicious software from spreading.

Cross-Platform Support.

In this era of cross-platform malware, you need to protect all of your endpoints and servers with a single security solution.

  • Integrated Management. A single console that supports both Mac and Windows assets.
  • Virtualized. Optimized for the major virtualization platforms from Citrix, Microsoft and VMware.

And, for large organization that need enterprise capabilities, Bit9 for Mac has the first enterprise-scale, next-generation server and security offering.

  • Enterprise Scalability
  • Enterprise Networking Support
  • Role-Based Access Control
Bit9 + Carbon Black