What updates are there for ESF and security?

At WWDC, Apple introduced several updates related to security and device management, which are relevant to ESF (Endpoint Security Framework) and overall security enhancements:

1. macOS Extensions Transparency and Control: In the session What’s new in privacy, Apple discussed how extensions for apps now live in one place in macOS system settings. This change makes it easier to understand and control if and when your app is running, enhancing transparency and user control over system extensions.

2. App Group Data Container Protection: Also in the What’s new in privacy session, Apple introduced app group data container protection on macOS. This feature brings the protections of sandboxing to both groups of apps and apps that aren't ready to sandbox all of their data yet, ensuring data access is always expected by restricting access to protected resources.

3. Disk Management Configuration: In the session What’s new in device management, Apple introduced a new disk management configuration that allows IT admins to manage external and network storage. This includes options to allow or disallow external or network storage, or limit mounting to read-only volumes, replacing the deprecated media management payload.

4. Quantum-Secure Cryptography: The session Get ahead with quantum-secure cryptography highlighted the importance of migrating to quantum-secure cryptography to protect data in transit from potential future quantum attacks. This includes using Quantum Secure Encryption in TLS, which is enabled by default on Apple operating systems starting in iOS 26.

These updates reflect Apple's ongoing commitment to enhancing security and privacy across its platforms, providing developers and IT administrators with new tools and configurations to better manage and secure their applications and devices.