As of High Sierra (10.13.x), all third-party kernel extensions (kexts) must be explicitly allowed to load. This approval can be performed locally by the end user or orchestrated via a mobile device management (MDM) policy. 

Approve EDR/EPP Sensor Kernel Extensions

Approve the macOS kernel extension directly on a Mac system

1. From your Mac, click System Preferences.
2. From the Security & Privacy pane, click General.
3. Click the lock icon and authenticate as an administrator.
4. Click Allow for System software from developer “EDR Vendor” was prevented from loading.

The installer will finish running and load the sensor.

Approve the macOS kernel extension via MDM

Specify the Apple Team ID in your configuration profile:

• Carbon Black Response/Defense/ThreatHunter
  Apple Team ID: 7AGZNQ2S2T

• CrowdStrike Falcon
  Apple Team ID: X9E956P446

• Endgame
  Apple Team ID: 4FVLCA237T

• • Microsoft Defender ATP
    Apple Team ID: UBF8T346G9