Notarization (Apple Software Notarization)
Notarization is an Apple security process that scans macOS software for malicious content and validates it before allowing distribution outside the App Store.
What is notarization?
Notarization is an Apple security requirement that applies to most third-party macOS applications distributed outside the Mac App Store. Developers submit their software to Apple, where it is automatically scanned for known malware and security issues. If the software passes these checks, Apple issues a notarization ticket that macOS can later verify before allowing the app to run.
Why notarization matters
Notarization is important because it:
- Reduces the spread of macOS malware
- Helps users identify trusted software
- Strengthens the macOS application trust model
- Works in conjunction with Gatekeeper and code signing
- Is mandatory on many modern macOS versions
Without notarization, applications may be blocked by default on end-user systems.
How notarization works
The notarization process typically follows these steps:
- The developer signs the application with an Apple Developer ID
- The app is uploaded to Apple's notarization service
- Apple performs automated security checks and malware scanning
- A notarization ticket is issued if the app passes
- macOS verifies notarization at first launch or during execution
This process is transparent to end users but enforced by the operating system.
Notarization and Gatekeeper
Notarization is tightly integrated with Gatekeeper:
- Gatekeeper checks whether an app is signed and notarized
- Unsigned or non-notarized apps trigger warnings or blocks
- Users can manually override warnings, but this reduces security
Notarization does not guarantee safety - it only indicates that the software passed Apple's checks at submission time.
Notarization vs code signing
These concepts are related but distinct:
- Code signing: verifies the identity of the developer and integrity of the code
- Notarization: Apple scans the software for known malware
An app must typically be both signed and notarized to run smoothly on modern macOS systems.
Security limitations
While notarization improves security, it has limits:
- It relies on automated malware detection
- Malware can be added after notarization if attackers abuse updates
- Signed and notarized apps can still behave maliciously
- Zero-day malware may bypass checks initially
For this reason, notarization should be combined with EDR, MDM, and monitoring.
Notarization in enterprise environments
In managed macOS fleets, notarization:
- Reduces helpdesk incidents related to blocked apps
- Supports compliance with Apple security standards
- Integrates with MDM and application allowlisting
- Helps control software distribution risks
Enterprises often restrict execution to signed and notarized software only.
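The following script is an added example, not part of the original page: it sorts the output of `spctl --assess --type execute -vv` into the trust states this page distinguishes (notarized, signed only, unsigned) and applies a "signed and notarized only" policy. The sample reports, app names and team ID are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: sort Gatekeeper assessments into the trust states described
# above. Input is the text `spctl --assess --type execute -vv APP` prints.

# Print one of: notarized, apple-distributed, signed-not-notarized,
# unsigned, unknown. Unlisted source= values fall through to "unknown"
# so they get manual review instead of a silent pass.
classify_source() {
    src=$(printf '%s\n' "$1" | sed -n 's/^source=//p' | head -n 1)
    case "$src" in
        "Notarized Developer ID")                  echo notarized ;;
        "Mac App Store"|"Apple System")            echo apple-distributed ;;
        "Developer ID"|"Unnotarized Developer ID") echo signed-not-notarized ;;
        "no usable signature")                     echo unsigned ;;
        *)                                         echo unknown ;;
    esac
}

# Succeed only when Gatekeeper accepted the app AND the source shows
# notarization or Apple distribution ("signed and notarized only" policy).
meets_policy() {
    case "$(printf '%s\n' "$1" | head -n 1)" in
        *": accepted") ;;
        *) return 1 ;;
    esac
    case "$(classify_source "$1")" in
        notarized|apple-distributed) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample reports (not captured from a real system).
SAMPLE_OK='/Applications/Example.app: accepted
source=Notarized Developer ID
origin=Developer ID Application: Example Corp (TEAMID0000)'
SAMPLE_SIGNED='/Applications/Legacy.app: rejected
source=Unnotarized Developer ID
origin=Developer ID Application: Example Corp (TEAMID0000)'
SAMPLE_UNSIGNED='/Applications/Tool.app: rejected
source=no usable signature'

# On a Mac, audit real apps; elsewhere, fall back to the samples.
audit() {
    if command -v spctl >/dev/null 2>&1; then
        for app in /Applications/*.app; do
            report=$(spctl --assess --type execute -vv "$app" 2>&1 || true)
            printf '%s\t%s\n' "$(classify_source "$report")" "$app"
        done
    else
        for report in "$SAMPLE_OK" "$SAMPLE_SIGNED" "$SAMPLE_UNSIGNED"; do
            printf '%s\t%s\n' "$(classify_source "$report")" "${report%%:*}"
        done
    fi
}
audit
```

A "notarized" result only reflects the assessment at the time the command runs, so the audit complements EDR and monitoring and does not replace them.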
Common misconceptions
- "Notarized apps are always safe"
- "Notarization replaces antivirus or EDR"
- "Only App Store apps are notarized"
- "Notarization prevents all macOS malware"