To remotely deploy the Malwarebytes Endpoint Agent on Mac devices, Apple requires end users to grant Full Disk Access and allow our kernel extension. Normally, end users must manually go to their Mac Settings to grant these permissions which allow Malwarebytes to properly function. This article describes how you can remotely deploy the Endpoint Agent to your Macs and bypass these prompts.
Your Mac endpoints must have a User Approved Mobile Device Management (UAMDM) configured. You can enroll devices with Apple's Device Enrollment Program.
An MDM profile loaded remotely via SSH or similar does not qualify as a UAMDM.
Activate kernel extension and grant Full Disk Access
When deploying the Malwarebytes Endpoint Agent, you must allow our kernel extension on Macs running the following operating systems:
- macOS High Sierra 10.13
- macOS Mojave 10.14
- macOS Catalina 10.15
To bypass the System Extension Blocked prompt, see the following instructions: Approve kernel extension for Malwarebytes Endpoint Protection on Mac devices.
If you have macOS Mojave 10.14 or macOS Catalina 10.15 endpoints, you must grant Full Disk Access when deploying the Malwarebytes Endpoint Agent. This is needed so Malwarebytes can scan sensitive disk locations for threats.
To bypass manually granting Full Disk Access, see the following instructions: Grant Malwarebytes Endpoint Agent Full Disk Access for Mac endpoints using UAMDM.