Introducing Iru MCP: IT is moving from operators to builders

Summary

Iru MCP lets IT teams query, manage, and automate endpoint workflows from AI tools like Claude Code and Cursor.Iru MCP lets IT teams query, manage, and automate endpoint workflows from AI tools like Claude Code and Cursor. One prompt can replace multi-tool, multi-step processes while keeping humans in control of every irreversible action.

Endpoints just joined your IT team's AI build environment.

Your engineering team has been describing everything they do with Claude Code for a year. Until now, your IT team could not do the same thing with the devices they manage and secure. With Iru MCP, that changes. IT can now vibe code workflows, custom reports, dashboards, automations that span multiple tools, and do it safely..

If you can imagine it, you can build it

AI build environments like Claude Code and Cursor gave engineering a new way to work. Conversation in, working code out. Every system connected through MCP became a programmable surface they could read, write, and orchestrate.

Iru MCP brings endpoints into that same environment. Your device fleet becomes a programmable surface your team can read, act on, and wire into broader workflows in Claude Code, Cursor, or any MCP-compatible AI tool. Wire Iru’s endpoint products into every workflow you build. Run entire operational sequences from a single prompt.

IT teams are moving from operators to builders. That is AgenticOps.

See it in action: three real workflows

1. Threat detection and automated response

Iru EDR flags an unusual behavior pattern on a managed device. You ask your AI assistant to investigate. It pulls the threat record from Iru and evaluates the threat details against other details about the device, it isolates the device pending review, opens a security incident ticket, and notifies your team member via a slack message and email.

What used to be a fifteen-minute scramble is now a single workflow. Every action logged. Your team's response feels perfectly synchronized, with a complete audit trail.

2. A report for the board

The board asks how long the company has remained exposed to critical vulnerabilities, broken out by team. One prompt queries Iru Vulnerability Management for detection and remediation timestamps, joins them with user and group context from Iru Identity, and produces a report ranking teams by vulnerability dwell time. The longest exposures sit at the top.

Most teams cannot answer a question like that without turning it into a project. When the board changes the question next quarter, it’s no longer a scramble.

3. Multi-system onboarding and offboarding

A new employee joins. An always-on “Claude Routine” tags the device so it’s assigned to the correct Blueprint in Iru, it opens the onboarding ticket in your ticketing system, and posts a welcome message in Slack. ServiceNow, Slack, or anything else with an MCP connection joins the same workflow. When the employee leaves, the same logic runs in reverse: Iru unenrolls and wipes the device, Iru Identity revokes access, the offboarding ticket is opened, and the manager is notified.

Instead of reacting to events, IT built a workflow. It runs the same every time, across every system. Ship it once. Run it forever.

Safety is not an afterthought

Fair question: what if the AI does something unintended?

Every irreversible action stops and waits for you. Before anything executes, the AI surfaces a clear summary: device name, device identifier, assigned user, and the exact consequence. Nothing happens until you say yes.

Your Iru permissions carry through to every prompt, with the full granularity of Iru's role model. Every API endpoint is scoped individually on the MCP key. Your security team's key can pull threat, vulnerability, and device data. A help desk key can ship Blueprint updates. An automated workflow's key gets exactly what that workflow needs, and nothing else.

What this means for your team

The teams that embrace AgenticOps now are building a capability that compounds with every workflow. For practitioners, means spending less time as an operator and more as a builder. For leaders, that is a team that scales without adding headcount, building on the Iru investment you have already made. No new budget. No new tools. As Iru’s API expands, so does what your team can build. 

We cannot wait to see what you build.

IT and security teams are about to operate very differently. The shift from operator to builder is not a feature update. It is a new way of working that compounds with every workflow your team ships. The teams that start now will have built something the rest of the industry is still trying to understand. We built Iru MCP for those teams. Now it is your turn.

Get started using the Iru MCP

Get started here. The setup guide walks you through the whole process.

Prefer a live walkthrough? Register for the Iru MCP live event for a deeper dive and Q&A.

Want to learn more? Book a demo to see what Iru can do for your team.