Added swiftGuard, Anti-forensic macOS Application, for physical access threats #429

Merged
merged 1 commit into from
Oct 15, 2023
@Lennolium Lennolium commented Sep 27, 2023

I added the macOS OpSec-enhancing/Anti-Forensic Application 'swiftGuard' to the category 'Physical access'. If you think it would fit somewhere else, please feel free to edit.

Overview

It's an anti-forensic macOS tray application designed to safeguard your system or server by monitoring USB ports. It ensures your device's operational security by automatically initiating either a system shutdown or hibernation if an unauthorized device connects or a connected device is unplugged. It offers the flexibility to whitelist designated devices, to select an action to be executed and to set a countdown timer, allowing you to disarm the shutdown process. It's a revival of the well-known usbkill project by hephaestos, but with a Graphical User Interface and added functionality.

swiftGuard on GitHub

Why?

For non-technical users, using the original usbkill command line tool (see above) is far too difficult. This is the reason for swiftGuard: It offers a nice, clean and intuitive Interface with some additional features, whitelisting and an active development (unlike usbkill, which seems abandoned).

Disclaimer:
I'm a computer science student and developed this app by myself. I did not want to offensively spam/advertise my work here. I really think it would improve this curated list and help others.

Added swiftGuard to category 'Physical access'.
@Lennolium
Contributor Author

small little reminder :)

@drduh
Owner

drduh commented Oct 15, 2023

Very cool, thanks!

@drduh drduh merged commit e4ad1f9 into drduh:master Oct 15, 2023
@Lennolium
Contributor Author

Thank you so much for your great guide! :)

@beerisgood
Contributor

Small info:

with macOS Sonoma a similar feature is built in with MacBooks.

@Lennolium
Contributor Author

If you mean the lockdown mode, you are right. But many users do not want to activate it, because it's really restrictive in general. With swiftGuard you get the higher protection without needing to enable the lockdown mode.
But thanks for your input, wasting your time on something that is already implemented can be really painful :)

@beerisgood
Contributor

Lockdown mode isn’t restricted to MacBooks only. It’s available for other Macs too.
I mean this: https://support.apple.com/guide/deployment/depf8a4cb051/web

@Lennolium
Contributor Author

Yes, that's right. Still the use case of someone stealing your Mac or the police raiding your home while you are using your Mac, is still valid. Then a disconnect of a connected USB stick will trigger a shutdown and thus your encrypted hard drive is safe.
Thanks for going into detail :)
