Ennetix’s xTend for the Mac has reached beta status!
We have started testing with outside beta testers via Apple’s TestFlight service. (See Getting started testing xTend).
Why we developed xTend
Apple has announced that its current macOS auditing system, BSM, has been deprecated and will be removed in a future version of macOS. Every DoD organization, federal civilian organization, government contractor, and enormous numbers of commercial organizations will need to find a replacement to meet their auditing requirements.
xTend, leveraging Apple’s newest network and endpoint system extension technologies, shows what is possible with a modern auditing system. Our goal is to be truly useful in detecting a wide range of threats and problems that can affect your Mac.
(Seriously. How often (ever?) have you heard someone say, “The computer’s audit data was critical to detecting and analyzing that threat.”?)
Below is the promotional and description text we plan to use for the Mac App Store.
The promotional text
Unlock hidden activity in your Mac with Ennetix xTend! Get real-time insights into active processes, invisible connections, and more. Stay ahead, stay secure!
The description
Introducing Ennetix xTend, the next level in cybersecurity for Mac users. This ground-breaking tool provides unparalleled visibility into the covert activities taking place in your system. With xTend, you can finally peel back the layers of your Mac's operations to see what's really happening underneath.
How does it work? xTend leverages Ennetix's advanced network system extension event stream along with an optional Ennetix endpoint system extension to uncover hidden processes, undetectable connections, and critical program information. Want to know where your data is going, even when encrypted? xTend has got you covered. Curious about which organizations are behind the programs running on your computer? xTend will tell you.
Key Features:
Real-time visibility into active processes.
Monitor all connections, even encrypted connections.
Identify organizations behind running programs.
Track program distribution methods.
Optional Extension:
Taking security to another dimension, the optional Ennetix endpoint system extension elevates xTend’s capabilities exponentially. When installed, you gain:
Insights into transient programs that run momentarily.
Detailed provenance of program executions.
Monitor commands from the Terminal app and SSH logins.
View programs initiated via shell scripts.
Authentication events including unlocking methods (Password, Apple Watch, Touch ID).
By offering all these features, Ennetix xTend provides unprecedented observability into the secret life of your Mac. No more wondering about invisible threats; with xTend, you’re always in the know. Equip yourself with Ennetix xTend and step into a more secure future today.
Sample screenshots
Network traffic
Network traffic; highlighting details of even encrypted connections
GoogleUpdate running; arguments passed in are shown as well as the provenance for how it was started
Details of each development team running software software on your Mac
Focus on programs launched from a command-line shell or a shell script
Deep provenance chain of GoogleUpdater modifying your computer
Computer being unlocked with Touch ID; authentications by Touch ID, Apple Watch, and password recorded
Rates of network and process executions over time
Update controls show along with multiple windows simultaneously
Rich details can be simultaneously displayed