This repository was archived by the owner on Mar 28, 2023. It is now read-only.

Sinter Personas

Matthew A Rinehart edited this page Feb 28, 2020 · 2 revisions

Craig is a Security Engineer on the Platform Security Team. Craig’s responsibilities are wide and vast. Among other things, the Platform Security Team has been tasked with implementing an application whitelisting/blacklisting solution across his company’s entire macOS device fleet in order to enable employees to install approved applications on their machines and prevent them from installing potentially dangerous, non-approved applications.

In previous attempts at implementing an application whitelisting/blacklisting solution, one pain point Craig experienced was a very complex, manual process to go from the app approval phase to having the app placed into the company's approved application marketplace. In addition to keeping the devices safe, the Platform Security Team wants to enable employees to submit new applications to be considered for whitelisting.

Craig empathizes with his company’s employees and recognizes that it is difficult for them to make the switch from a “run any app you’d like” policy to only running apps that have been approved and are available through the approved application marketplace.

Overall, Craig feels that optimization for both the end user and operator experience is key.

Brandon is a Security Engineer on the Threat Operations Team. He works on developing threat detections and engineering tools for the team. He performs data analysis on large amounts of data looking for correlations of compromise so that the team can develop detection and (incident) response notebooks to automate incident investigation data.

Brandon will also help in deploying the backend server for his company's application whitelisting/blacklisting solution, including adding plugins to this server that will further assist the Threat Operations Team.

Frequently, the tools Brandon uses in his role lack the functionality he needs to perform his job. There is typically a significant amount of overhead required to get new features added. He would like improvements to these solutions to be easier to implement.

Brandon and his team don’t want to have to determine if the tools they are using are compatible with the systems used by the Threat Operations Team and his company at large.

Having to hunt for problems in the tools Brandon and his team employ can divert attention from the jobs that they need to perform. Easy troubleshooting and maintenance are key.

Arthur is a Client Platform Engineer. His team maintains the macOS fleet for his company. He and his team employ multiple deployment technologies for package delivery. Arthur’s team also maintains their company’s Device Enrollment Program (DEP) server.

Arthur and his team need to be able to see which apps their employees are attempting to install on their machines across the fleet, and which of those are blacklisted or whitelisted. His team also needs to be able to build reports on these events for review.

Arthur wants all approved software, including tools for managing and monitoring machines, to be easily deployed using the tools and workflows they use today for distributing software across the fleet.

Sarah is a Marketing Manager. She periodically needs to install new applications and tools to do her job effectively and efficiently. She will check with her company’s approved application marketplace to find approved applications she can install, but frequently the tools she is considering are not on the approved applications list.

Sarah needs to be made aware when the software she is trying to run on her device is not approved for use by her company’s Platform Security Team. She also needs to know what steps she needs to take to get new applications approved and added to her company’s approved application marketplace.

Sarah needs to be able to perform her job without having to concern herself with the DEP or MDM tools running on her computer. Remote management software that consumes device resources can cause her applications to misbehave, which can prevent her from performing her duties.
