Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Endpoint Standard: How to Perform an Unattended Installation of the Mac Sensor

Endpoint Standard: How to Perform an Unattended Installation of the Mac Sensor


  • Endpoint Standard (formerly CB defense): All Versions
  • Apple macOS: All Supported Versions


This document provides information on how to install CB endpoint standard sensor on an OS X/macOS endpoint remotely.


  1. The sensor software package for OS X/macOS is delivered in a DMG file format (disk image). In order to perform a command line installation, you will need to extract the installation package and the installation script. The hdiutil command "mounts" the disk image in a virtual disk location, for example, "/Volumes/CbDefense-".
hdiutil attach /path/to/confer_installer_mac-
  1. Make a copy of the files "CbDefense Install.pkg" and "" from the mounted disk image. These two files are needed for the target machine to install Confer Sensor Software. Copy these two files to the installation target OS X/macOS device, for example to "/tmp/" directory.
-rw-r--r--@ 1 user     staff  21188558 Nov 20 21:44      /Volumes/CbDefense- Install.pkg
-rwxr-xr-x  1 user     staff  15226 Nov 20 21:44           /Volumes/CbDefense-
Make sure to use the installation script ( that came with the Sensor version you are installing
  1. Run the installation command remotely on the target OS X/macOS device and replace the string COMPANY_CODE with the correct Company Code for the sensor version you are installing.
sudo ./tmp/ -i '/tmp/CbDefense Install.pkg' -c 'COMPANY_CODE' --skip-kext-approval-check
NOTE: If you are on Mac OS 10.13 and above, you must use --skip-kext-approval-check to receive the prompt allowing the end user to locally approve KEXT

Optional uses

The installation script ( supports additional optional parameters that can be used to provide additional customization.

  • To list all available options 
    /tmp/ -h
Not all options are supported. Below are the tested and supported optional arguments.
  • To provide proxy information
    • Replace proxy-server-ip-address with the actual IP address to contact the proxy server.
    • Replace proxy-server-port-number with the actual port number to contact the proxy server.
sudo /tmp/ -i 'CBCloud Install.pkg' -c 'COMPANY_CODE' -p proxy-server-ip-address:proxy-server-port-number -x proxy_user_name:proxy_user_password
  • To specify policy group for the device
sudo /tmp/ -i 'CBCloud Install.pkg' -c 'COMPANY_CODE' -g group_name
  • To install the device in bypass mode
sudo /tmp/ -i 'CBCloud Install.pkg' -c 'COMPANY_CODE' -d
  • To produce verbose install logs
sudo bash -x /tmp/ -i  '/tmp/CBCloud Install.pkg' -c 'COMPANY_CODE'

Additional Notes

  • Ensure that single quotes are always used for any parameter in the command line string. The use of double quotes anywhere in the command line string will cause a read failure from that point on in the command
  • Ensure that both files are copied to the target machine verbatim. Some file copy tools may not preserve the execute bit (+x) which will prevent "" from running
  • The command "" supports additional installer options, use "-h" option to display the remaining options.
  • Under all conditions the "-i" option to provide the installer package, and the "-c" option to provide the COMPANY_CODE are required to execute the installer script successfully.

Related Content

Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Creation Date: