[hunters_laptop]

"Instead it records those events in the log, and in Ventura and later makes them available to third-party software through Endpoint Security events."

Sounds like what malware did for decades

[dotty-]

What are you trying to say by this comment? Odd comparison.

[jasoneckert]

In this case, it's for enterprise MDM and MDR software agents that have device-level trust after the device has been enrolled (e.g., Apple Business Manager, Microsoft Intune, Kandji, Jamf).

[paradox460]

I would say the line between malware and most mdm packages is up for debate

[andrekandre]

thats interesting, i'm guessing it means slowly third-party scanning will become more and more rare?

currently my battery-life really suffers with third-party scanning burning through my m1 cores after a build...