diff --git a/home/dot_config/santa/README.md b/home/dot_config/santa/README.md
new file mode 100644
index 00000000..a3464784
--- /dev/null
+++ b/home/dot_config/santa/README.md
@@ -0,0 +1,47 @@
+# Santa
+
+Santa is a macOS security tool that helps handle the process of authorizing binary executions.
+
+The `.mobileconfig` files in this folder have to be manually clicked on to be loaded or used in conjunction with an managed device provider. For more information on what each `.mobileconfig` does, please see the [Santa Getting Started](https://santa.dev/deployment/getting-started.html) page.
+
+The original code used to deploy Santa via Ansible can be seen below which shows how to use `santactl` locally to block apps from loading:
+
+```yaml
+---
+- name: 'Ensure {{ app_name }} is installed'
+ become: false
+ community.general.homebrew_cask:
+ name: santa
+ state: "{{ app_state | default('present') }}"
+ accept_external_apps: '{{ allow_external_apps | default(true) }}'
+ sudo_password: '{{ ansible_password | default(omit) }}'
+
+- name: Copy the MDM Profile to the target
+ become: false
+ copy:
+ src: santa.mobileconfig
+ dest: ~/santa.mobileconfig
+ mode: 0700
+ when: lockdown_mode
+
+# The `profiles` command, starting in BigSur, does not allow installing Profiles. The command used below allows
+# partial automation, in that a notification is shown to install the Profile using System Preferences.
+# However, the step fails. Leaving it here to use if another way to completely automate this is possible
+# - name: Install the profile # noqa 303
+# shell: open /System/Library/PreferencePanes/Profiles.prefPane /Users/{{ ansible_user }}/santa.mobileconfig
+# when: lockdown_mode
+#
+# - name: Remove the MDM Profile from the target
+# become: false
+# file:
+# path: ~/santa.mobileconfig
+# state: absent
+# when: lockdown_mode
+
+- name: Ensure Rules are created # noqa 301 305
+ shell: /usr/local/bin/santactl rule {{ '--allow' if lockdown_mode else '--block' }} --path {{ rule }}
+ loop: '{{ allowed_apps if lockdown_mode else blocked_apps }}'
+ loop_control:
+ label: '{{ rule }}'
+ loop_var: rule
+```
diff --git a/home/dot_config/santa/install.sh b/home/dot_config/santa/install.sh
new file mode 100644
index 00000000..a20e5203
--- /dev/null
+++ b/home/dot_config/santa/install.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+# @file Santa Post-Installation Script
+# @brief Installs various profiles that give Santa the permissions it needs to function.
+# @description
+# This script opens all the profiles required for a full Santa installation. It relies on having launched a Santa synchronization
+# server. If you do not have a Santa synchronization server, you can launch Santa using the `local.santa.mobileconfig` file
+# which launches Santa in local mode. This mode is not recommended for production use.
+
+open /System/Library/PreferencePanes/Profiles.prefPane "${XDG_CONFIG_HOME:-$HOME/.config}/santa/server.santa.mobileconfig"
+open /System/Library/PreferencePanes/Profiles.prefPane "${XDG_CONFIG_HOME:-$HOME/.config}/santa/tcc.configuration-profile-policy.santa.mobileconfig"
+open /System/Library/PreferencePanes/Profiles.prefPane "${XDG_CONFIG_HOME:-$HOME/.config}/santa/system-extension-policy.santa.mobileconfig"
+open /System/Library/PreferencePanes/Profiles.prefPane "${XDG_CONFIG_HOME:-$HOME/.config}/santa/notification-settings.santa.mobileconfig"
\ No newline at end of file
diff --git a/home/dot_config/santa/local.santa.mobileconfig b/home/dot_config/santa/local.santa.mobileconfig
new file mode 100644
index 00000000..1adc1959
--- /dev/null
+++ b/home/dot_config/santa/local.santa.mobileconfig
@@ -0,0 +1,55 @@
+
+
+
+
+ PayloadContent
+
+
+ PayloadContent
+
+ com.google.santa
+
+ Forced
+
+
+ mcx_preference_settings
+
+ ClientMode
+ 2
+
+
+
+
+
+ PayloadEnabled
+
+ PayloadIdentifier
+ 0342c558-a101-4a08-a0b9-40cc00039ea5
+ PayloadType
+ com.apple.ManagedClient.preferences
+ PayloadUUID
+ 0342c558-a101-4a08-a0b9-40cc00039ea5
+ PayloadVersion
+ 1
+
+
+ PayloadDescription
+ com.google.santa
+ PayloadDisplayName
+ com.google.santa
+ PayloadIdentifier
+ com.google.santa
+ PayloadOrganization
+
+ PayloadRemovalDisallowed
+
+ PayloadScope
+ System
+ PayloadType
+ Configuration
+ PayloadUUID
+ 9020fb2d-cab3-420f-9268-acca4868bdd0
+ PayloadVersion
+ 1
+
+
diff --git a/home/dot_config/santa/notification-settings.santa.mobileconfig b/home/dot_config/santa/notification-settings.santa.mobileconfig
new file mode 100644
index 00000000..4105dded
--- /dev/null
+++ b/home/dot_config/santa/notification-settings.santa.mobileconfig
@@ -0,0 +1,64 @@
+
+
+
+
+ PayloadContent
+
+
+ NotificationSettings
+
+
+ AlertType
+ 1
+ BadgesEnabled
+
+ BundleIdentifier
+ com.google.santa
+ CriticalAlertEnabled
+
+ NotificationsEnabled
+
+ ShowInLockScreen
+
+ ShowInNotificationCenter
+
+ SoundsEnabled
+
+
+
+ PayloadDisplayName
+ Notifications Payload
+ PayloadIdentifier
+ com.google.santa.notificationsettings.F1817DA0-0044-43DD-9540-36EBC60FDA8F
+ PayloadOrganization
+
+ PayloadType
+ com.apple.notificationsettings
+ PayloadUUID
+ 510236AE-D7F8-4131-A4CA-5CC930C51866
+ PayloadVersion
+ 1
+
+
+ PayloadDescription
+ Configures your Mac to automatically enable Notifications settings for Santa
+ PayloadDisplayName
+ Santa Notifications settings
+ PayloadEnabled
+
+ PayloadIdentifier
+ com.google.santa.notificationsettings.069CA123-6129-46A5-8FD1-49322E5A5755
+ PayloadOrganization
+
+ PayloadRemovalDisallowed
+
+ PayloadScope
+ System
+ PayloadType
+ Configuration
+ PayloadUUID
+ 069CA123-6129-46A5-8FD1-49322E5A5755
+ PayloadVersion
+ 1
+
+
\ No newline at end of file
diff --git a/home/dot_config/santa/server.santa.mobileconfig b/home/dot_config/santa/server.santa.mobileconfig
new file mode 100644
index 00000000..5bec0d7c
--- /dev/null
+++ b/home/dot_config/santa/server.santa.mobileconfig
@@ -0,0 +1,115 @@
+
+
+
+
+ PayloadContent
+
+
+ PayloadContent
+
+ com.google.santa
+
+ Forced
+
+
+ mcx_preference_settings
+
+ BannedBlockMessage
+ This application has been banned
+ ClientMode
+ 1
+ EnablePageZeroProtection
+
+ EnableSilentMode
+
+ EventDetailText
+ Open sync server
+ EventDetailURL
+ https://santa.{{ .host.domain }}/blockables/%file_sha%
+ FileChangesRegex
+ ^/(?!(?:private/tmp|Library/(?:Caches|Managed Installs/Logs|(?:Managed )?Preferences))/)
+ MachineIDKey
+ MachineUUID
+ MachineIDPlist
+ /Library/Preferences/{{ .host.domain }}.santa.machine-mapping.plist
+ MachineOwnerKey
+ Owner
+ MachineOwnerPlist
+ /Library/Preferences/{{ .host.domain }}.santa.machine-mapping.plist
+ ModeNotificationLockdown
+ Entering Lockdown mode
+ ModeNotificationMonitor
+ Entering Monitor mode<br/>Please be careful!
+ MoreInfoURL
+ https://santa.{{ .host.domain }}/moreinfo
+ StaticRules
+
+
+
+ identifier
+ EQHXZ8M8AV
+ policy
+ ALLOWLIST
+ rule_type
+ TEAMID
+
+
+
+ identifier
+ b2617611fb6c008bfe9e05b7a633d4f21c403a0a1a88b514a04c3e5e111be025
+ policy
+ ALLOWLIST
+ rule_type
+ CERTIFICATE
+
+
+
+ identifier
+ b7c1e3fd640c5f211c89b02c2c6122f78ce322aa5c56eb0bb54bc422a8f8b670
+ policy
+ BLOCKLIST
+ rule_type
+ BINARY
+
+
+ SyncBaseURL
+ https://santa.{{ .host.domain }}/api/santa/
+ UnknownBlockMessage
+ This application has been blocked from executing.
+
+
+
+
+
+ PayloadEnabled
+
+ PayloadIdentifier
+ 0342c558-a101-4a08-a0b9-40cc00039ea5
+ PayloadType
+ com.apple.ManagedClient.preferences
+ PayloadUUID
+ 0342c558-a101-4a08-a0b9-40cc00039ea5
+ PayloadVersion
+ 1
+
+
+ PayloadDescription
+ com.google.santa
+ PayloadDisplayName
+ com.google.santa
+ PayloadIdentifier
+ com.google.santa
+ PayloadOrganization
+
+ PayloadRemovalDisallowed
+
+ PayloadScope
+ System
+ PayloadType
+ Configuration
+ PayloadUUID
+ 9020fb2d-cab3-420f-9268-acca4868bdd0
+ PayloadVersion
+ 1
+
+
\ No newline at end of file
diff --git a/home/dot_config/santa/system-extension-policy.santa.mobileconfig b/home/dot_config/santa/system-extension-policy.santa.mobileconfig
new file mode 100644
index 00000000..a162e853
--- /dev/null
+++ b/home/dot_config/santa/system-extension-policy.santa.mobileconfig
@@ -0,0 +1,64 @@
+
+
+
+
+
+ PayloadUUID
+ 40C19D5B-76D7-4C1C-BC9D-2F7EB29CFF4D
+ PayloadType
+ Configuration
+ PayloadOrganization
+
+ PayloadIdentifier
+ com.google.santa.system-extension-policy.40C19D5B-76D7-4C1C-BC9D-2F7EB29CFF4D
+ PayloadDisplayName
+ System Extensions
+ PayloadDescription
+ Configures your Mac to automatically enable Santa's EndpointSecurityExtension
+ PayloadVersion
+ 1
+ PayloadEnabled
+
+ PayloadRemovalDisallowed
+
+ PayloadScope
+ System
+ PayloadContent
+
+
+ PayloadUUID
+ 98D01A7B-ADC1-43C8-AB8E-8BDC25FCA3C9
+ PayloadType
+ com.apple.system-extension-policy
+ PayloadOrganization
+
+ PayloadIdentifier
+ com.google.santa.system-extension-policy.98D01A7B-ADC1-43C8-AB8E-8BDC25FCA3C9
+ PayloadDisplayName
+ System Extensions
+ PayloadDescription
+
+ PayloadVersion
+ 1
+ PayloadEnabled
+
+ AllowUserOverrides
+
+ AllowedSystemExtensions
+
+ EQHXZ8M8AV
+
+ com.google.santa.daemon
+
+
+ AllowedSystemExtensionTypes
+
+ EQHXZ8M8AV
+
+ EndpointSecurityExtension
+
+
+
+
+
+
\ No newline at end of file
diff --git a/home/dot_config/santa/tcc.configuration-profile-policy.santa.mobileconfig b/home/dot_config/santa/tcc.configuration-profile-policy.santa.mobileconfig
new file mode 100644
index 00000000..bafac478
--- /dev/null
+++ b/home/dot_config/santa/tcc.configuration-profile-policy.santa.mobileconfig
@@ -0,0 +1,90 @@
+
+
+
+
+
+ PayloadContent
+
+
+ PayloadDescription
+ Configures Privacy Preferences Policy Control settings
+ PayloadDisplayName
+ Privacy Preferences Policy Control
+ PayloadIdentifier
+ com.google.santa.TCC.configuration-profile-policy.2416BA4B-CBFC-4719-B02F-20251B881D6F
+ PayloadOrganization
+
+ PayloadType
+ com.apple.TCC.configuration-profile-policy
+ PayloadUUID
+ 2416BA4B-CBFC-4719-B02F-20251B881D6F
+ PayloadVersion
+ 1
+ Services
+
+ SystemPolicyAllFiles
+
+
+ Allowed
+
+ CodeRequirement
+ identifier "com.google.santa.daemon" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EQHXZ8M8AV
+ Comment
+
+ Identifier
+ com.google.santa.daemon
+ IdentifierType
+ bundleID
+ StaticCode
+
+
+
+ Allowed
+
+ CodeRequirement
+ identifier "com.google.santa.bundleservice" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EQHXZ8M8AV
+ Comment
+
+ Identifier
+ com.google.santa.bundleservice
+ IdentifierType
+ bundleID
+ StaticCode
+
+
+
+ Allowed
+
+ CodeRequirement
+ identifier "com.google.santa" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EQHXZ8M8AV
+ Comment
+
+ Identifier
+ com.google.santa
+ IdentifierType
+ bundleID
+ StaticCode
+
+
+
+
+
+
+ PayloadDescription
+ tcc.configuration-profile-policy.santa.example
+ PayloadDisplayName
+ tcc.configuration-profile-policy.santa.example
+ PayloadIdentifier
+ com.google.santa.TCC.configuration-profile-policy.089CBCFB-F2AA-407C-9F2A-A12967FE20BC
+ PayloadOrganization
+
+ PayloadScope
+ System
+ PayloadType
+ Configuration
+ PayloadUUID
+ 089CBCFB-F2AA-407C-9F2A-A12967FE20BC
+ PayloadVersion
+ 1
+
+
\ No newline at end of file
diff --git a/software.yml b/software.yml
index 937d01e3..533e3eaa 100644
--- a/software.yml
+++ b/software.yml
@@ -8156,7 +8156,6 @@ softwarePackages:
_github: https://github.com/google/santa
_home: https://santa.dev/
_name: A binary authorization system for MacOS
- ansible:darwin: professormanhattan.santa
cask: santa
schema:
_bin: schema