@kandji.bsky.social
Why does Kandji invest in proprietary security research?
Because when we find vulnerabilities before attackers do, everyone wins.
Our team put together a walk-through of the past year's discoveries—dive in here:
Because when we find vulnerabilities before attackers do, everyone wins.
Our team put together a walk-through of the past year's discoveries—dive in here:
macOS Vulnerabilities: A Year of Security Research at Kandji
Kandji researchers uncovered and disclosed key macOS vulnerabilities over the past year. Learn how we protect customers through detection and patching.
buff.ly
May 1, 2025 at 9:14 PM
Why does Kandji invest in proprietary security research?
Because when we find vulnerabilities before attackers do, everyone wins.
Our team put together a walk-through of the past year's discoveries—dive in here:
Because when we find vulnerabilities before attackers do, everyone wins.
Our team put together a walk-through of the past year's discoveries—dive in here:
Apple’s influence in enterprise IT keeps growing—but are they living up to expectations? 👀
The latest Six Colors Apple in the Enterprise Report Card for 2025 is out and explores the answer.
The latest Six Colors Apple in the Enterprise Report Card for 2025 is out and explores the answer.
Apple in the Enterprise: A 2025 report card
Kandji approached Six Colors to commission a new entry in their Report Card series focusing on how Apple’s doing in large organizations. Explore the 2025 survey results, plus comments from survey participants.
sixcolors.com
April 30, 2025 at 8:53 PM
Apple’s influence in enterprise IT keeps growing—but are they living up to expectations? 👀
The latest Six Colors Apple in the Enterprise Report Card for 2025 is out and explores the answer.
The latest Six Colors Apple in the Enterprise Report Card for 2025 is out and explores the answer.
Ask an IT admin what keeps them up at night, and they’ll likely tell you:
👉 A patch that introduces a system-breaking bug.
👉 A security update that conflicts with legacy apps.
👉 A misconfiguration that locks users out.
👉 A patch that introduces a system-breaking bug.
👉 A security update that conflicts with legacy apps.
👉 A misconfiguration that locks users out.
April 29, 2025 at 3:42 PM
Ask an IT admin what keeps them up at night, and they’ll likely tell you:
👉 A patch that introduces a system-breaking bug.
👉 A security update that conflicts with legacy apps.
👉 A misconfiguration that locks users out.
👉 A patch that introduces a system-breaking bug.
👉 A security update that conflicts with legacy apps.
👉 A misconfiguration that locks users out.
Kandji’s latest Demo Day focused on Assignment Maps, a visual, logic-based way to automate and precisely control the assignment of apps and configurations to your devices.
See how this powerful feature can revolutionize your device management:
See how this powerful feature can revolutionize your device management:
The Future of Scoping: Assignment Maps Explained
In Kandji's latest Demo Day, learn how Assignment Maps make app and configuration management for Apple devices easier and more intuitive.
buff.ly
April 25, 2025 at 8:37 PM
Kandji’s latest Demo Day focused on Assignment Maps, a visual, logic-based way to automate and precisely control the assignment of apps and configurations to your devices.
See how this powerful feature can revolutionize your device management:
See how this powerful feature can revolutionize your device management:
Think about your team's daily IT operations.
How much time is spent on:
Resetting passwords?
Deploying software updates?
Approving access requests?
Scrambling for compliance reports?
Now, imagine if none of those tasks required manual intervention.
How much time is spent on:
Resetting passwords?
Deploying software updates?
Approving access requests?
Scrambling for compliance reports?
Now, imagine if none of those tasks required manual intervention.
April 23, 2025 at 9:43 PM
Think about your team's daily IT operations.
How much time is spent on:
Resetting passwords?
Deploying software updates?
Approving access requests?
Scrambling for compliance reports?
Now, imagine if none of those tasks required manual intervention.
How much time is spent on:
Resetting passwords?
Deploying software updates?
Approving access requests?
Scrambling for compliance reports?
Now, imagine if none of those tasks required manual intervention.
Security threats evolve faster than manual processes can keep up.
If you’re not automating security, you’re falling behind.
If you’re not automating security, you’re falling behind.
April 22, 2025 at 5:06 PM
Security threats evolve faster than manual processes can keep up.
If you’re not automating security, you’re falling behind.
If you’re not automating security, you’re falling behind.
5 IT and security workflows to automate today:
1️⃣ Onboarding & offboarding – No more access lag.
2️⃣ Patching – Close vulnerabilities faster.
3️⃣ Threat detection & response – Cut incident response time.
4️⃣ Compliance monitoring – Avoid fines.
5️⃣ Software deployment – No more manual installs.
1️⃣ Onboarding & offboarding – No more access lag.
2️⃣ Patching – Close vulnerabilities faster.
3️⃣ Threat detection & response – Cut incident response time.
4️⃣ Compliance monitoring – Avoid fines.
5️⃣ Software deployment – No more manual installs.
April 17, 2025 at 4:42 PM
5 IT and security workflows to automate today:
1️⃣ Onboarding & offboarding – No more access lag.
2️⃣ Patching – Close vulnerabilities faster.
3️⃣ Threat detection & response – Cut incident response time.
4️⃣ Compliance monitoring – Avoid fines.
5️⃣ Software deployment – No more manual installs.
1️⃣ Onboarding & offboarding – No more access lag.
2️⃣ Patching – Close vulnerabilities faster.
3️⃣ Threat detection & response – Cut incident response time.
4️⃣ Compliance monitoring – Avoid fines.
5️⃣ Software deployment – No more manual installs.
Are you curious where your peers get updates on the latest IT and security news?
We were curious too. So we took the question to our community in a broad survey of professionals - from security experts to technology leaders and admins.
Results found here: www.kandji.io/blog/top-content-for-it-pros
We were curious too. So we took the question to our community in a broad survey of professionals - from security experts to technology leaders and admins.
Results found here: www.kandji.io/blog/top-content-for-it-pros
April 16, 2025 at 4:05 PM
Are you curious where your peers get updates on the latest IT and security news?
We were curious too. So we took the question to our community in a broad survey of professionals - from security experts to technology leaders and admins.
Results found here: www.kandji.io/blog/top-content-for-it-pros
We were curious too. So we took the question to our community in a broad survey of professionals - from security experts to technology leaders and admins.
Results found here: www.kandji.io/blog/top-content-for-it-pros
Does this make any sense to you?!
I'm not afraid to admit that I honestly don't understand it.
If you have a legitimate explanation, please explain it to me in the comments!
#MacSecurity #MacAdmin #DeviceSecurity #MacOS #iOS
I'm not afraid to admit that I honestly don't understand it.
If you have a legitimate explanation, please explain it to me in the comments!
#MacSecurity #MacAdmin #DeviceSecurity #MacOS #iOS
April 15, 2025 at 5:05 PM
Does this make any sense to you?!
I'm not afraid to admit that I honestly don't understand it.
If you have a legitimate explanation, please explain it to me in the comments!
#MacSecurity #MacAdmin #DeviceSecurity #MacOS #iOS
I'm not afraid to admit that I honestly don't understand it.
If you have a legitimate explanation, please explain it to me in the comments!
#MacSecurity #MacAdmin #DeviceSecurity #MacOS #iOS
Our Threat Intelligence team analyzed a software suite that targets applications like WeChat and QQ.
Explore our team's analysis on this suspicious mach-O file's likely origins, target users, and observed functionality: buff.ly/bkhlcoy
Explore our team's analysis on this suspicious mach-O file's likely origins, target users, and observed functionality: buff.ly/bkhlcoy
PasivRobber: Chinese Spyware or Security Tool?
In March 2025, our team found a suspicious mach-O file named wsus. Read the full analysis on its likely origins, target users, and observed functionality.
www.kandji.io
April 14, 2025 at 2:29 PM
Our Threat Intelligence team analyzed a software suite that targets applications like WeChat and QQ.
Explore our team's analysis on this suspicious mach-O file's likely origins, target users, and observed functionality: buff.ly/bkhlcoy
Explore our team's analysis on this suspicious mach-O file's likely origins, target users, and observed functionality: buff.ly/bkhlcoy
A Fortune 500 company’s IT team was manual-first by design. Their CIO believed automation would introduce risk.
Then it happened.
❌ A zero-day exploit hit.
❌ The patch was available, but deployment took 48 hours.
❌ Within 24 hours, attackers had breached 30% of their systems.
Their competitors?
Then it happened.
❌ A zero-day exploit hit.
❌ The patch was available, but deployment took 48 hours.
❌ Within 24 hours, attackers had breached 30% of their systems.
Their competitors?
April 11, 2025 at 5:00 PM
A Fortune 500 company’s IT team was manual-first by design. Their CIO believed automation would introduce risk.
Then it happened.
❌ A zero-day exploit hit.
❌ The patch was available, but deployment took 48 hours.
❌ Within 24 hours, attackers had breached 30% of their systems.
Their competitors?
Then it happened.
❌ A zero-day exploit hit.
❌ The patch was available, but deployment took 48 hours.
❌ Within 24 hours, attackers had breached 30% of their systems.
Their competitors?
Are you getting the most out of Apple Business Manager (ABM)?
Most companies think they’re using ABM correctly, but in reality, they’re leaving powerful features untapped.
Here’s what we see IT teams overlooking when managing Apple devices:
Most companies think they’re using ABM correctly, but in reality, they’re leaving powerful features untapped.
Here’s what we see IT teams overlooking when managing Apple devices:
April 9, 2025 at 4:00 PM
Are you getting the most out of Apple Business Manager (ABM)?
Most companies think they’re using ABM correctly, but in reality, they’re leaving powerful features untapped.
Here’s what we see IT teams overlooking when managing Apple devices:
Most companies think they’re using ABM correctly, but in reality, they’re leaving powerful features untapped.
Here’s what we see IT teams overlooking when managing Apple devices:
CVE-2025-24201, a high-severity WebKit vulnerability targeting multiple AppleOS platforms, can affect multiple browsers.
Learn what this means for your organization with our team's breakdown: buff.ly/xnSJ3OI
#ITsecurity #VulnerabilityManagement #ThreatIntelligence #DeviceSecurity
Learn what this means for your organization with our team's breakdown: buff.ly/xnSJ3OI
#ITsecurity #VulnerabilityManagement #ThreatIntelligence #DeviceSecurity
Caught in the WebKit: Getting Tangled with CVE-2025-24201
CVE-2025-24201, a high-severity WebKit vulnerability, can affect multiple browsers. Learn what this means for your organization and what to monitor next.
buff.ly
April 8, 2025 at 3:41 PM
CVE-2025-24201, a high-severity WebKit vulnerability targeting multiple AppleOS platforms, can affect multiple browsers.
Learn what this means for your organization with our team's breakdown: buff.ly/xnSJ3OI
#ITsecurity #VulnerabilityManagement #ThreatIntelligence #DeviceSecurity
Learn what this means for your organization with our team's breakdown: buff.ly/xnSJ3OI
#ITsecurity #VulnerabilityManagement #ThreatIntelligence #DeviceSecurity
Manual configurations don’t scale. Assignment Maps do.
Assignment Maps rethink how IT teams scope and configure devices—turning what’s usually a time-consuming process into something intuitive, automated, and reliable.
Assignment Maps rethink how IT teams scope and configure devices—turning what’s usually a time-consuming process into something intuitive, automated, and reliable.
Demo Day - Assignment Maps
Join Demo Day to explore how Assignment Maps automate device scoping and configuration for Apple fleets, featuring expert insights and a live Q&A session.
buff.ly
April 7, 2025 at 4:19 PM
Manual configurations don’t scale. Assignment Maps do.
Assignment Maps rethink how IT teams scope and configure devices—turning what’s usually a time-consuming process into something intuitive, automated, and reliable.
Assignment Maps rethink how IT teams scope and configure devices—turning what’s usually a time-consuming process into something intuitive, automated, and reliable.
Imagine an onboarding experience for your users that automates the configuration process; ensuring that freshly enrolled Mac computers are transformed into enterprise-ready devices with all necessary apps, settings, and security controls in place before your users start using them.
April 2, 2025 at 8:55 PM
Imagine an onboarding experience for your users that automates the configuration process; ensuring that freshly enrolled Mac computers are transformed into enterprise-ready devices with all necessary apps, settings, and security controls in place before your users start using them.
Were you even aware of these creative ways for organizations to utilize Apple Vision Pro?! 👀
If you're not thinking outside the box with use cases for Vision devices, then you may be missing out on innovation in ways not previously possible.
If you're not thinking outside the box with use cases for Vision devices, then you may be missing out on innovation in ways not previously possible.
March 31, 2025 at 4:59 PM
Were you even aware of these creative ways for organizations to utilize Apple Vision Pro?! 👀
If you're not thinking outside the box with use cases for Vision devices, then you may be missing out on innovation in ways not previously possible.
If you're not thinking outside the box with use cases for Vision devices, then you may be missing out on innovation in ways not previously possible.
MDM + Identity Provider = Conditional Access Granted
When an MDM, such as Kandji, is paired with an identity provider, it allows for you to successfully facilitate conditional access policies. Kandji happens to be super easy to configure with your identity provider, making for easy execution.
When an MDM, such as Kandji, is paired with an identity provider, it allows for you to successfully facilitate conditional access policies. Kandji happens to be super easy to configure with your identity provider, making for easy execution.
March 27, 2025 at 1:08 PM
MDM + Identity Provider = Conditional Access Granted
When an MDM, such as Kandji, is paired with an identity provider, it allows for you to successfully facilitate conditional access policies. Kandji happens to be super easy to configure with your identity provider, making for easy execution.
When an MDM, such as Kandji, is paired with an identity provider, it allows for you to successfully facilitate conditional access policies. Kandji happens to be super easy to configure with your identity provider, making for easy execution.
How often does your company delay security patches because of potential disruptions?
😎 Never – we automate everything
🎯 Sometimes – we test first, then deploy
⚠️ Often – we worry about breaking apps
🚨 Too often – security takes a back seat
Reply with the emoji that describes your organization.
😎 Never – we automate everything
🎯 Sometimes – we test first, then deploy
⚠️ Often – we worry about breaking apps
🚨 Too often – security takes a back seat
Reply with the emoji that describes your organization.
March 26, 2025 at 8:55 PM
How often does your company delay security patches because of potential disruptions?
😎 Never – we automate everything
🎯 Sometimes – we test first, then deploy
⚠️ Often – we worry about breaking apps
🚨 Too often – security takes a back seat
Reply with the emoji that describes your organization.
😎 Never – we automate everything
🎯 Sometimes – we test first, then deploy
⚠️ Often – we worry about breaking apps
🚨 Too often – security takes a back seat
Reply with the emoji that describes your organization.
Is your IT team being asked to do more with less?
It’s happening everywhere. IT budgets are shrinking. Headcounts are getting cut.
IT teams are being asked to manage more devices, more security risks, and more compliance requirements—all with fewer resources.
It’s happening everywhere. IT budgets are shrinking. Headcounts are getting cut.
IT teams are being asked to manage more devices, more security risks, and more compliance requirements—all with fewer resources.
March 25, 2025 at 9:43 PM
Is your IT team being asked to do more with less?
It’s happening everywhere. IT budgets are shrinking. Headcounts are getting cut.
IT teams are being asked to manage more devices, more security risks, and more compliance requirements—all with fewer resources.
It’s happening everywhere. IT budgets are shrinking. Headcounts are getting cut.
IT teams are being asked to manage more devices, more security risks, and more compliance requirements—all with fewer resources.
What’s the biggest challenge YOU face when managing OS updates? How are you handling it today?
#AppleDeviceManagement #MDM #MacAdmin
#AppleDeviceManagement #MDM #MacAdmin
March 24, 2025 at 9:18 PM
What’s the biggest challenge YOU face when managing OS updates? How are you handling it today?
#AppleDeviceManagement #MDM #MacAdmin
#AppleDeviceManagement #MDM #MacAdmin
Lack of management capabilities should never be a reason that your enterprise has to hesitate to use specific types of devices.
Yet when it comes to Apple Vision Pro, most device management solutions don't actually have the capabilities for organizations to use Vision devices with confidence.
Yet when it comes to Apple Vision Pro, most device management solutions don't actually have the capabilities for organizations to use Vision devices with confidence.
March 21, 2025 at 1:33 PM
Lack of management capabilities should never be a reason that your enterprise has to hesitate to use specific types of devices.
Yet when it comes to Apple Vision Pro, most device management solutions don't actually have the capabilities for organizations to use Vision devices with confidence.
Yet when it comes to Apple Vision Pro, most device management solutions don't actually have the capabilities for organizations to use Vision devices with confidence.
Your organization is more vulnerable than you might realize. 👀
There are many different types of attack vectors, and although some are more common than others, that doesn't mean your organization can afford to not be protected against the behaviors of all the vectors out there.
There are many different types of attack vectors, and although some are more common than others, that doesn't mean your organization can afford to not be protected against the behaviors of all the vectors out there.
March 20, 2025 at 4:35 PM
Your organization is more vulnerable than you might realize. 👀
There are many different types of attack vectors, and although some are more common than others, that doesn't mean your organization can afford to not be protected against the behaviors of all the vectors out there.
There are many different types of attack vectors, and although some are more common than others, that doesn't mean your organization can afford to not be protected against the behaviors of all the vectors out there.
IT teams are getting smaller.
Security risks are getting bigger.
Yet companies keep cutting IT budgets and personnel to save costs—even as cyberattacks become more frequent and expensive.
If your IT team is shrinking, your strategy needs to change.
Security risks are getting bigger.
Yet companies keep cutting IT budgets and personnel to save costs—even as cyberattacks become more frequent and expensive.
If your IT team is shrinking, your strategy needs to change.
March 19, 2025 at 3:09 PM
IT teams are getting smaller.
Security risks are getting bigger.
Yet companies keep cutting IT budgets and personnel to save costs—even as cyberattacks become more frequent and expensive.
If your IT team is shrinking, your strategy needs to change.
Security risks are getting bigger.
Yet companies keep cutting IT budgets and personnel to save costs—even as cyberattacks become more frequent and expensive.
If your IT team is shrinking, your strategy needs to change.
A conditional access policy is only as good as THIS ONE THING.
This is one of the biggest mistakes many admins make when designing conditional access policies.
But if you design with this in mind, you're automatically setting your organization up for success with your conditional access policy.
This is one of the biggest mistakes many admins make when designing conditional access policies.
But if you design with this in mind, you're automatically setting your organization up for success with your conditional access policy.
March 18, 2025 at 2:04 PM
A conditional access policy is only as good as THIS ONE THING.
This is one of the biggest mistakes many admins make when designing conditional access policies.
But if you design with this in mind, you're automatically setting your organization up for success with your conditional access policy.
This is one of the biggest mistakes many admins make when designing conditional access policies.
But if you design with this in mind, you're automatically setting your organization up for success with your conditional access policy.