https://summitroute.com/blog/2015/12/29/osxlockdown/
https://github.com/SummitRoute/osxlockdown
SummitRoute has a new Mac OS X security tool, OSXlockdown. Excerpt from readme follows, note especially the scarily-humorous warnings at the end. 🙂
osxlockdown was built to audit, and remediate, security configuration settings on OS X 10.11 (El Capitan).
This checks and flips various configuration settings. This is a compilation of numerous resources listed in the Resources section which could be converted to bash scripts. This is different than those resources in that instead of requiring the user to read a 100+ page doc, click through numerous GUIs, and try to decide if some esoteric output is good or bad, this tool combines all the steps into a single command. This tool is focused on enterprise deployments of OSX with regard to what it does, but made to be usable for stand-alone home users as well. Running the command by itself will tell you which audit checks passed and failed. Adding the –remediate flag will fix the problems identified. The commands.json file may be edited to disable certain rules by setting enabled to false.
Warning: Many of the rules disable functionality in the name of security. This may make you sad.
Warning: System commands and dark arts are involved, so ensure you have your system backed up first.
Firmware Security 