Security Bite: macOS 15.4 hits “Allow” on TCC event support<div class="feat-image">

</div><p>
9to5Mac Security Bite is exclusively brought to you by <a href="
https://mosyle.net/87PQ" target="_blank" rel="noreferrer noopener"><strong>Mosyle, the only Apple Unified Platform</strong>.[/url]
Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. <strong>
Request your EXTENDED TRIAL</strong>
today and understand why Mosyle is everything you need to work with Apple.</p>
<hr class="wp-block-separator has-alpha-channel-opacity">
<p>For years, macOS
security developers and researchers have urged Apple to add TCC events to the Endpoint Security (ES) framework. Doing so would allow them to directly trace a TCC request to the specific application (or malware) that triggered it. This could allow third-party security tools to offer real-time protection around permission requests.</p>
<p>The good news? Apple is finally making this happen in
macOS 15.4. </p>
<p>The bad news? It’s rough around the edges right now.</p>
<a data-layer-pagetype="post" data-layer-postcategory="macos-sequoia,security,security-bite" data-layer-viewtype="unknown" data-post-id="995735" href="
https://9to5mac.com/2025/03/28/security-bite-macos-15-4-hits-allow-on-tcc-event-support/#more-995735" class="more-link">more
Security Bite: macOS 15.4 hits “Allow” on TCC event support