The Iru Blog

WWDC 2026: The declarative era is here

Apple's next operating systems: How and why to test them now

Introducing Adaptive Compliance: Your controls stay current, automatically

Iru AI watches how your organization changes. Your compliance program keeps up.

Endpoint Drift: Why EDR coverage breaks down at scale [+ Take the quiz to see where you stand]

Your dashboard says every endpoint is covered. Patches show as deployed. Policies look locked down.

Inside SStar Agent, a cross-platform RAT with an unfinished macOS toolkit

Enroll Windows devices automatically through Autopilot

Setting up a new Windows device used to mean manual imaging and IT getting their hands on hardware, and many teams are still doing it this way. Windows Autopilot offers a better path: zero-touch deployment where devices ship direct from the vendor and enroll the moment the employee signs in for the first time. Iru connects directly to that flow, so the setup you configure once applies to every device.

NVD's shift to risk-based prioritization: how Iru Vulnerability Management stays ahead of the limitations

NIST formally transitioned the National Vulnerability Database to a risk-based enrichment model in April 2026, meaning only CVEs that meet specific criteria, like those in CISA's KEV catalog or affecting federal software, will be prioritized for enrichment. Everything else gets deferred. This leaves a significant gap for security teams that depend on NVD data for vulnerability management. Iru VM was built to operate independently of NVD's limitations, drawing from multiple sources and providing its own human-in-the-loop enrichment. To date, Iru's Security Research team has enriched close to 2,000 CVEs and corrected around 170 inaccurate NVD records, with 66% of all vulnerability detections across customer endpoints driven by Iru-enriched data. The CVE program has long been a vital part of vulnerability intelligence and protecting critical infrastructure. For the past couple of decades, the National Vulnerability Database (NVD), run by NIST, has served as a foundational reference for vulnerability intelligence, providing severity scores, product metadata, and structured enrichment that security teams and tooling depend on every day.

How to build a tech stack that runs itself

Gorilla's IT lead shares the playbook he uses to automate onboarding, offboarding, and compliance with Iru so routine work runs itself and the team can focus on higher-value projects. IT teams are being asked to do more than ever. Device management, security, compliance, AI enablement, and often all of it with a team of one. The difference between keeping up and falling behind often comes down to how much of the routine work can run without you.

Introducing Iru MCP: IT is moving from operators to builders

Iru MCP lets IT teams query, manage, and automate endpoint workflows from AI tools like Claude Code and Cursor.Iru MCP lets IT teams query, manage, and automate endpoint workflows from AI tools like Claude Code and Cursor. One prompt can replace multi-tool, multi-step processes while keeping humans in control of every irreversible action. Endpoints just joined your IT team's AI build environment.

Zero-Trust Endpoint Security: How To Defend Your Largest Attack Surface

In January 2026, the Dutch Data Protection Authority (the agency responsible for protecting citizens' personal data) had its own employee's work-related data accessed and stolen. Attackers exploited critical zero-day vulnerabilities in Ivanti's endpoint mobile management software before patches were even available. That same day, bad actors attacked the European Commission, and Finland's government IT provider lost data on up to 50,000 employees. All three incidents traced back to a single point of failure: endpoint management tools that granted access based on device identity alone, without verifying whether those devices were actually secure.

Iru Quarterly Threat Report: May 2026

Welcome to the Iru Threat Intelligence Report, our quarterly summary of emerging threats in the macOS ecosystem and how Iru is responding in real time. In each edition, we break down key threat discoveries and the protections we've deployed to keep customer devices secure.

Apple's Managed Migration Assistant: Bring IT control to macOS device refreshes

For the first time, IT has declarative MDM control over what transfers when a user migrates from an old Mac to a new one.

Understanding ADE: Enrollment, configuration, and where the gap lives

A guide to how Automated Device Enrollment works, where it stops, and how to close the window between enrolled and ready.

Securing Windows: Vulnerability management, auto patching, and OS updates

Unpatched software is behind roughly 60% of breaches. And with AI models getting better at finding exploitable vulnerabilities faster than most teams can remediate them, the window between disclosure and exploitation is shrinking fast.