Skip to main content
M
Michel
Level 4.0: Ice cream sandwich
January 29, 2026
Question

Compliance project for Android?

  • January 29, 2026
  • 1 reply
  • 0 views

Hi all,

 

For Apple (iOS/MacOS ) we use the macos security compliance project tooling (https://github.com/usnistgov/macos_security#readme) for mapping compliance guidelines. A short summary:

 

The macOS Security Compliance Project (mSCP) is an open‑source framework that provides automated, customizable security guidance and baselines for macOS, producing documentation, audit checklists, configuration profiles, and remediation scripts.

 

It supports major security standards, including NIST SP 800‑53, NIST SP 800‑171, DISA STIG, CNSSI 1253, CIS Benchmarks, CIS Critical Security Controls v8, CMMC 2.0 Levels 1–2, and the Netherlands BIO baseline.

 

I haven't found such a project for Android, as anyone aware of such a project that maps security guidelines to available API's for Android Enterprise? 

 

Michel

    1 reply

    R
    Rakib
    Level 2.2: Froyo
    February 1, 2026

    You have STIG for Android. 

     

    Android 16 STIG is now live! | Android Enterprise and ChromeOS Customer Communities - 13166 

      M
      MichelAuthor
      Level 4.0: Ice cream sandwich
      February 2, 2026

      I'm aware of that one, but its very much focussed on defense grade security. And thats a bit much for average companies, companies who comply to NIS2 or regular government offices. 

       

      I think we all could benefit from more benchmarks being written down like the STIG version. For apple we can use all of these as a started point, which is very helpfull: 

       

       

      Terms & ConditionsCookie settingsAccessibility statement