You’ve chosen Apple and we’ve designed a device management experience to match.
Devices
Zero-touch deployment
Set up and configure devices for new employees instantly and remotely, without IT having to physically touch the device.
The best employee experience
New employees can use their pre-configured devices right out of the box without a visit to IT.
Flexible device Blueprints
Organize devices based on team, department, or location. Drop a new device into a Blueprint to automatically assign the right apps, controls, and automations to that device.
User-initiated enrollment
Our enrollment portal makes it easy to import your users from G Suite or Microsoft 365 and invite them to enroll their own devices quickly and painlessly.
Automated migration
We’ve created an automated migration tool that seamlessly migrates large organizations off of legacy MDM providers, making it easier than ever before to transition to a modern platform.
Maximum visibility
Experience an unprecedented level of visibility. Oversee your entire fleet and keep tabs on all activity with detailed records, key updates, and an extensive log of remediations performed on each machine.
Self Service
Empower end users with your own select library of applications and tools, so they can download what they need when they need it without asking IT. Customize everything - branding, labels, categories, and more - to make it your own.
MDM+
MDM alone simply isn’t enough. With Kandji, you get the best of both worlds — a reliable MDM plus a proprietary macOS agent that extends your capabilities beyond the expected.
Offline mode
Kandji is the only MDM that works around the clock to enforce compliance and remediate issues whether your Mac devices are online or off.
Automated macOS patch management is enabled by Kandji's Auto Apps, a library of applications that Kandji pre-packages, hosts, and automatically patches.
Pre-packaged
Hosted
Automated patching
Notifications
Auto Apps end user experience
All Auto Apps are fully enforced automatically with user-friendly prompts powered by the Kandji agent.
Auto Apps admin experience
Choose whether you want app updates enforced automatically or manually, and add to the dock so it is easy for users to find.
App Store apps
Sync your App Store apps from Apple Business Manager (formerly the Volume Purchase Program, or VPP).
Application blocking
Ready to retire an app or want to block unauthorized apps? Application blocking is built right into Kandji, allowing you to restrict usage across your entire fleet with just a few clicks.
Custom apps
Easily upload and deploy custom apps by dragging and dropping a package (.pkg or .mpkg), Disk Image (copy .app from disk image to /Applications), or ZIP File (unzip contents into specified directory).
Controls
150+ pre-built automations
With the largest library of macOS Parameters (over 150 and growing) you can toggle on with one click, Kandji empowers your IT team with the most control on the market.
Profiles
Kandji’s advanced implemention of Profiles takes full advantage of Apple’s powerful MDM framework with Profiles such as Wi-Fi, Privacy, SSO, System Extensions, and much more.
Custom Profiles
In addition to our library of Profiles, you an also easily deploy any custom .mobileconfig file according to your needs.
Custom scripts
Although we’ve containerized the most common policies with our Parameter library, we also support custom scripts for any unique device control needs.
Managed OS
Kandji’s managed OS tool is redefining how admins enforce operating system updates across your environment. It is built into our platform (no scripting required), fully enforced, and supports both major and minor OS updates.
Fully enforced
Major & minor updates
Global Profile Variables
Automatically input unique device details such as Asset Tag, Serial Number, User Email, and more into any profile text field.
Always stay audit-ready and share detailed results with auditors. Prove compliance at a moment’s notice using read-only auditor access mode.
Offline remediation
Kandji is the only MDM that works around the clock to enforce compliance and remediate issues whether your Macs are online or off.
Single sign-on (SSO)
SAML-based single sign-on (SSO) provides secure access for admins managing your devices with Kandji through an identity provider (IdP) of your choice.
Compliance control library
With Kandji, compliance is never an afterthought. Kandji is the only MDM with a pre-built library of security controls (over 150 and growing) that you can filter by specific compliance frameworks to meet your needs.
Templates for security best practices
Get started quickly by leveraging Kandji’s pre-built blueprints to deploy security and compliance best practices without having to start from scratch.
Alerts and logging
See a live stream of action on every machine in your fleet. Set up real-time alerts within Kandji or to Slack based on events you want to be notified of.
Effortless security
Keep your devices and data safe and sound. Easily enforce device encryption and remotely lock or wipe devices that have been lost or stolen.
Integrations
Intuitive integrations
Kandji easily integrates with a growing list of applications, allowing you to speed up setup, automate workflows, and save precious time.
Apple Business Manager
Leverage Apple Business Manager for Automated Device Enrollment (formerly DEP) and application management (formerly VPP).
Slack alerts for events
Set up customized Slack alerts for events you want to be alerted of, such as a missing devices or blocked application.
G Suite or Microsoft 365
Import your G Suite or Microsoft 365 users and assign devices to them directly within Kandji.
Watchman Monitoring
Use Kandji with proactive software monitoring provider Watchman Monitoring to keep devices safe and efficient.
CIS compliance
One-click CIS compliance templates automatically enforce and remediate macOS controls for CIS compliance Level I and II Scored.
Kandji API
Leverage the Kandji API for enterprise-grade extensibility.
.svg)
