Hi Apple Developer Forums, We are developing a managed macOS security/monitoring agent for enterprise customers (deployed only to MDM-managed endpoints). Our goal is to collect per-process network connection metadata (e.g., which process initiated a TCP connection, destination IP/port, timestamps). We are not intercepting or collecting network payload/content—only connection metadata for security telemetry/compliance. We previously explored options like: sysctl PCB lists (e.g., net.inet.tcp.pcblist_n) / kernel structs (not stable ABI; appears private/fragile) Aggregate TCP stats (sysctl net.inet.tcp.stats) which are public but system-wide only proc_pidinfo() / PROC_PIDFDSOCKETINFO for per-PID socket snapshots (polling-based; limited / not event-driven) It seems the supported, event-based approach for per-process connection visibility is EndpointSecurity.framework, but it requires the entitlement: com.apple.developer.endpoint-security.client Questions: Is EndpointSecurity.framework the recommended/supported approach for per-process TCP connection events on macOS for a managed enterprise security agent? What is the correct process to request approval for the Endpoint Security client entitlement under an Apple Developer Program team? (We were directed to post here.) Which Endpoint Security event types are appropriate for capturing connect/accept/close style network events per-process, strictly for metadata telemetry? Are there any platform/privacy constraints or best practices Apple expects us to follow for this use case (MDM-managed enterprise deployments)? We can provide additional details (distribution method, signing, MDM deployment model, privacy disclosures) if needed. Thanks!

Hello, I'm trying to identify the legitimacy of an app in the AppStore. The app is called Social.HCLTech.com (https://apps.apple.com/jp/app/social-hcltech-com/id1330892586). We received intel from our brand intelligence vendor that the app is not one of ours (HCL Tech). I'm trying to get in touch with the submitter to see verify where the app came from, who owns it, etc. it's using our company name in an app which we have no record of. Thank you.

Hello, Our current entitlements have the following additional capabilities in our team account. CarPlay Communications App CarPlay Messaging App CarPlay VoIP Calling App We need the following capabilities added or enabled in our team account. How do we go about enabling them? Required Entitlements Entitlement / Category com.apple.developer.carplay-audio / Audio com.apple.developer.carplay-communication / Communication com.apple.developer.carplay-charging / EV Charging`` com.apple.developer.carplay-maps / Navigation com.apple.developer.carplay-parking / Parking com.apple.developer.carplay-quick-ordering / Quick Food Ordering Thank you, Scott

A few weeks ago I requested the subject entitlement. I'm still waiting for it to be added to our account. Who or how can I find out what going on with it. I have no correspondence from Apple yet saying it was denied and why. https://developer.apple.com/documentation/bundleresources/entitlements/com.apple.developer.persistent-content-capture?language=objc Thank you.

Customers are reporting after the update to mac OS Sonoma 14.2 bitmap images have a black background! When we run the same application on Sonoma 14.1.1 the bitmap images appear as expected Like I said at the beginning, it happened after upgrading to Sonoma 14.2 so it introduced the issue.