EPM macOS allows monitoring, restricting, and applying rules to the execution of commands with sudo, ensuring greater control over privileged actions.
With this functionality, it is possible to:
- Audit all commands executed with sudo.
- Allow or block specific commands.
- Log detailed logs with arguments and responses.
Operation
With the EPM agent installed, commands with sudo are intercepted and evaluated according to the rules configured in command policies.
Practical Applications
- Control of sensitive commands.
- Risk reduction in the terminal.
- Compliance with audit and security standards.