Kandji gives boost to Apple mobile device management security

Kandji's Device Harmony is built on the belief that existing MDM systems don't service both general IT teams and those in InfoSec managing security. While IT manages the usability of devices on the network, InfoSec have to monitor and defend against attacks and other security risks on the network.

With two fairly different aims, the two teams would typically work fairly separately. "But today, IT and InfoSec teams must work together to keep their company and users both secure and productive," according to founder and CEO Adam Pettit. "To win now, these teams need shared data and systems."

Device Harmony connects together a number of tool and feature categories into one bundle: Device Management, Vulnerability Management, Endpoint Detection and Response, Endpoint Visibility, and Endpoint Compliance. Using shared intelligence, automation, and cross-functional workflows, the teams can work together using the same tools and with little in the way of compromise.

"With Device Harmony, these teams can unlock a comprehensive view of every endpoint and create a shared reality between IT and InfoSec, so they can recognize and remediate risks within a single platform, reducing the gap between identifying and addressing issues," continued Pettit.

The founder continued "Now, IT and InfoSec teams can work together to navigate their fleets and take action, while providing users with the most elegant, Apple-native experience possible while maintaining a strong security posture."

The Vulnerability Management of Device Harmony now provides a full view of vulnerabilities across macOS, descriptions, history, severity, affected software, and devices where that software is installed. Teams can then use Kandji to mitigate the vulnerability by upgrading and blocking apps, and running scripts to uninstall apps.

Rather than a periodic scan, Kandji instead uses a lightweight service within the Kandji Agent running on the Mac. Leveraging Apple's Endpoint Security framework, the agent listens for application-related events to work out if new vulnerabilities have been introduced or patch, with insights provided in real time.

The Endpoint Detection and Response pillar uses the agent to monitor all files and application on the Mac in real time, providing a detailed view of detected events, threat names and classification, and other relevant actions to the main system. The agent can then terminate malicious processes, and quarantine files.

The approach also uses pre-execution and post-execution methodologies, with the former able to take down "almost all malware variants" and reduce the risk of malware running before security software can stop it. Post-execution, there is the detection of threats without needing to see the malware beforehand, by looking for actions that malware typically takes while executing.

All of the Device Harmony capabilities are being deployed through the Kandji Agent, built using Swift. Apple's technologies that are exclusive to MDM solutions are also being used to ensure the agent is alive and installed.

The Vulnerability Management and Endpoint Detection and Response arms of Device Harmony are being rolled out to select customers of Kandji, with general availability to all users within a few weeks. Endpoint Visibility and Endpoint Compliance will be previewed to customers in early 2023.