macOS Mojave introduced a security feature that allows third-party applications to access protected user data. Cylance recommends that customers running macOS Mojave and later allow the Full Disk Access permission for all Cylance Smart Antivirus services. Not enabling Full Disk Access could affect agent functions such as Background Threat Detection and Memory Protection.
Administrators can use one of the following methods to ensure that the Cylance Smart Antivirus services have the full disk access they need:
Create a Privacy Preferences Policy Control profile
Create a manual exception
Link:
https://support.blackberry.com/pkb/s/article/67335
Activate Cylance
#remove old version of Cylance if exists
/Applications/Cylance/Uninstall\ CylancePROTECT.app/Contents/MacOS/Uninstall\ CylancePROTECT --noui --password=supersecret
sleep 15
#install latest Cylance version with install token
echo rfgsergsefgsfgsdfg > /private/tmp/Cylance/cyagent_install_token
installer -pkg /private/tmp/Cylance/CylancePROTECT.pkg -target / -verbose
rm /private/tmp/Cylance/cyagent_install_token
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
##### | |
# Installs Cylance along with the token. You enter the token as variable $4 in Jamf | |
##### | |
# version 1.1 | |
# Created by Nathan Beranger, January 2018 | |
##### | |
# Revision notes: | |
# | |
# 1.1 - cleaned up syntax and commenting throughout | |
# - added log output to TGAM-Jamf.log | |
#### | |
## Assign today's date and time, and name of script for logging purposes | |
DATE=$(date '+%Y-%m-%d %H:%M') | |
SCRIPTNAME="Install Cylance with Token" | |
##### | |
# Send all output to /private/var/tmp/TGAM-Jamf.log. Using >> instead of > will | |
# append output to file instead of overwritting existing file. | |
##### | |
# Saves file descriptors 1 (stdout) to 3, and 2 (stderr) to 4, | |
# so they can be restored to whatever they were before | |
exec 3>&1 4>&2 | |
# Restore file descriptors for particular signals | |
trap 'exec 2>&4 1>&3' 0 1 2 3 | |
# Redirect 1 (stdout) to 'TGAM-Jamf.log' then redirect 2 (stderr) to 1 (stdout) | |
exec 1>>/private/var/tmp/YourName-Jamf.log 2>&1 | |
echo "---------------------------------------------------" | |
echo "$DATE"" | ""$SCRIPTNAME" | |
echo "---------------------------------------------------" | |
## Create cylance token file | |
cd /Users/Shared/CylancePROTECT/ || exit | |
echo "$4" >cyagent_install_token | |
## Run the Cylance installer, using the token file that was created above | |
installer -pkg /Users/Shared/CylancePROTECT/CylancePROTECT_"$5".pkg -target / | |
## Clean up the files now that the application has been installed | |
rm -R /Users/Shared/CylancePROTECT | |
exit 0 |