Sold by: Iru
Deployed on AWS
Free Trial
AWS Free Tier
Kandji is device management (MDM) and security built specifically to meet the unique needs of the Apple platform, with advanced endpoint detection and response optionally delivered through a single unified agent. Kandji is a modern, cloud-based solution to centrally manage and secure your Mac, iPhone, iPad, and Apple TV devices, saving IT teams countless hours of manual, repetitive work with features like one-click compliance templates and 150+ pre-built automations, apps, and workflows.
4.7
Overview
Kandji is the Apple device management and security platform that empowers secure and productive global work. With Kandji, Apple devices transform themselves into enterprise-ready endpoints, with all the right apps, settings, and security systems in place. Through advanced automation and thoughtful experiences, we are bringing much-needed harmony to the way IT, InfoSec, and Apple device users work today and tomorrow.
Features include:
True zero touch deployment Kandji takes the heavy lifting out of user setup with an interface built to give you more control without the technical challenges or unnecessary scripting. Our platform is clean, elegant, and customizable, allowing you to manage and elevate those crucial first-touch experiences. Start teams with the right apps, settings, and security controls, reduce support volume, and increase your onboarding efficiency.
Deep IdP and SSO Integration Make life simpler for your users with a single sign-on that does not sacrifice security. Automatically assign blueprints and controls based on user data from your identity provider. Create a login experience that is distinctly yours but matches the ease and style Apple users expect.
Self-healing device controls More than 150 toggle-on security settings allow you to customize nearly every aspect of your devices without additional scripting or configuration. All are monitored and enforced by the Kandji Agent, so they are automatically remediated if they slip out of spec.
Automated app patching Ensure users are always running the right software versions without the manual work of packaging, testing, or deployment. Kandji does the heavy lifting for you without interrupting users work.
Managed OS updates Managed OS is built-in to the Kandji platform and puts you in control of macOS across your fleet. Kandji supports all macOS updates from major overhauls to minor patches, and all updates are fully-enforced, so you never have to worry about teams running the correct version.
One-Click compliance templates Our pre-built templates, mapped to NIST, CIS, and STIG frameworks, deploy advanced security across your Mac fleet in minutes with the ability to customize individual settings.
Integrated endpoint security & response Kandji can deliver advanced endpoint security and response functionality through the same agent as management, radically simplifying Mac security. Kandji EDR gathers all metadata on files, analyzes them, detects the potential for malicious activity, and quarantines problems, all in the span between a user clicking download and the download completing.
Accelerated MDM migration The Kandji MDM migration tool and expert support take the stress out of switching from your old MDM solution. Our Migration Agent is custom-designed to fit your needs, deploys from your current MDM, and reduces user interaction to just a few clicks.
Unmatched Support Every Kandji support engineer has Mac admin experience, so we are like an extension of your company, available 24 hours a day, 5 days a week, and available to you free of charge. We know where you are coming from and provide peer-to-peer guidance on reaching your goals with device management and security.
For custom pricing, EULA, or a private contract, please contact aws-marketplace@kandji.io , for a private offer.
Highlights
- Zero-touch deployment Apple devices purchased through authorized resellers and managed with Kandji automatically transform themselves into enterprise-ready endpoints the first time they power on with all the right apps, settings, and security controls in place.
- Effortless management and compliance With automated updates for the OS and a library of 100+ business apps, admins can trust their device fleet will always stay up-to-date with the latest patches and features. And with blueprints that automatically enforce the things companies need to harden their fleet and meet benchmarks with the push of a button, it has never been easier to attain and maintain device compliance.
- Powerful detection and response Kandji runs MDM and EDR via a single agent, making advanced security simple to deploy and unremovable from devices. Kandji allows companies to see and respond to security threats instantly, with a detection powered by one of most comprehensive threat intelligence engines in the Apple ecosystem.
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Kandji MDM | Apple-specific Device Management | $25,000.00 |
Kandji EDR | Apple-specific Endpoint Detection and Response (requires Kandji MDM) | $25,000.00 |
Kandji Vulnerability Management | Apple-specific Vulnerability Management (requires Kandji MDM) | $25,000.00 |
Vendor refund policy
All Orders are non-cancellable and all fees and other amounts you pay under this Agreement are non-refundable.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Chat: Live chat is available 24 / 5 via the Chat Bubble at the bottom right of the Kandji Web App. Support hours begin Sundays at 22:00 (UTC) and end Saturdays at 01:00 (UTC) (excluding company holidays). Email: Reach out to us via email at support@kandji.io Knowledge Base: Available 24 / 7 at support.kandji.io, you'll find overviews of all areas of Kandji and frequently asked questions. You can also submit a ticket from anywhere in our Knowledge Base at the top or bottom of the page. Please email us at support@kandji.io
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
10
In Device Security, Device Management
Top
10
In Device Management, IT Business Management
Top
50
In Device Management, Device Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Zero-Touch Device Deployment
Automatic transformation of Apple devices into enterprise-ready endpoints upon first power-on with pre-configured apps, settings, and security controls without user intervention.
Identity Provider and Single Sign-On Integration
Deep integration with identity providers enabling automatic blueprint and control assignment based on user data, with support for customized login experiences.
Self-Healing Security Controls
Over 150 configurable security settings monitored and automatically enforced by the Kandji Agent with automatic remediation if settings drift from specified configuration.
Unified Endpoint Detection and Response
Single agent delivering both MDM and EDR functionality with file metadata analysis, malicious activity detection, and quarantine capabilities during file download operations.
Compliance Framework Templates
Pre-built security templates mapped to NIST, CIS, and STIG frameworks enabling rapid deployment of advanced security configurations across device fleets with customizable individual settings.
Zero-Touch Device Deployment
Deploy devices to any employee anywhere by integrating with Apple deployment programs to deliver fully customized devices without manual intervention.
Dynamic Device Grouping and Automation
Utilize patented Smart Groups technology to automatically trigger real-time alerts and actions based on inventory data for dynamic device management.
Configuration and Policy Management
Apply configuration profiles, policies, and scripts to standardize Apple device settings and automate management across the fleet.
Application Distribution and Management
Integrate with Apple Business Manager to automate app assignment to users or devices and manage the app environment securely.
Native Security Implementation
Leverage native Apple security features to manage device settings, restrict malicious software, and deploy patches across Apple devices without user interaction.
Unified Endpoint Management
Manage multiple device types and operating systems including Android, iOS, iPadOS, Chrome OS, AR/VR devices, wearables, and rugged devices from a single console
Mobile Threat Defense
Enable mobile threat defense with continuous on-device protection and near real-time dashboards to identify and remediate security risks
Device Enrollment and Onboarding
Support Over-the-Air (OTA) device enrollment, Apple Business Manager integration, and Android Enterprise zero-touch enrollment for streamlined device setup
Enterprise Mobility Management
Provide MDM and EMM capabilities with containerization and device security features for inventory visibility of devices, apps, content, and corporate data across corporate-owned and BYOD programs
AI-Powered Security Automation
Deliver AI-powered real-time alerts and automated security policy enforcement through the Compliance Engine and Action Orchestrator for routine and complex endpoint tasks
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
-
-
-
-
-
No security profile
Standard contract
No
No
No
Customer reviews
Abhishek-Roy
Centralized security policies have streamlined remote troubleshooting and device management
Reviewed on Apr 12, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Kandji is device enrollment, and in my previous organization, I used Kandji as an MDM solution for managing and securing user devices.
A quick example of how I used Kandji for device management is by creating security policies, password policies, and managing FileVault encryption for device security.
What is most valuable?
In my experience, one of the best features Kandji offers is remote control assist, allowing me to take control of a user's device without needing any third-party software.
I value the remote control assist feature because it makes troubleshooting very easy; if a user is working remotely, it helps me to take control and perform troubleshooting.
Kandji has positively impacted my organization because it is very user-friendly, and among the multiple MDM solutions I have used, such as JumpCloud and Intune , Kandji stands out as one of the best for Mac devices.
Kandji stands out as one of the best MDM tools for Mac devices primarily because of its user experience, which is more user-friendly compared to JumpCloud and Intune .
What needs improvement?
I do not think Kandji needs any improvements; everything is very good, and as I mentioned earlier, I have used multiple MDM tools, with Kandji being one of the best.
For how long have I used the solution?
I have around one year's experience using Kandji, focusing on managing users and creating policies.
What do I think about the stability of the solution?
Kandji is very stable, and I would rate its stability a 10 out of 10.
What do I think about the scalability of the solution?
Kandji has very good scalability.
How are customer service and support?
I have not had the chance to interact with customer support to raise a ticket, but I believe it is all great.
Which solution did I use previously and why did I switch?
I did not previously use a different solution before Kandji; my previous organization was already using Kandji for Mac devices and Workspace ONE for Windows devices.
What was our ROI?
I have seen a return on investment from using Kandji because it saves time.
The time saved includes processes such as software installation, as previously we needed to take a user device remotely, but with Kandji, we can initiate software installation from the back end, which is a significant time saver.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, I did not manage the licensing part because I primarily handled the admin console, so I am not aware of the costs associated with it.
What other advice do I have?
My advice for others looking into using Kandji is that it is the best tool for securing Mac devices, creating policies, and managing devices; you can also manage your assets effectively in terms of quantity. I would rate this product a 10 out of 10.
Krishan Rawat
Centralized Mac management has streamlined device setup and simplified remote policy control
Reviewed on Apr 11, 2026
Review from a verified AWS customer
What is our primary use case?
Kandji is used in our organization to manage all of our Mac devices.
Kandji is an MDM tool which we use to manage our devices. For example, we set up our devices and directly enroll them in Kandji from the AVN, and then we can manage them from there. We can check the users' applications, redeploy applications on the user's MacBook, reset passwords, lock the MacBook, check disk encryptions, see all of our deployed applications, and deploy any policy or script we can run from a remote device.
When I see Kandji for the first time and encounter an issue with a user's MacBook, I first go on Kandji to see all applications they have, how their disk encryptions appear, and which OS they are running. I check everything from there, and I also send OS updates from Kandji. If I go deeper into anything, creating a script to run on a device is very easy. The policies we have set up differ for US devices and new devices, as well as VPN connections. We have different teams where specific applications are sent, and this setup is very friendly and easy to use for us, making our work easier.
We use Kandji in our organization as a public cloud solution.
What is most valuable?
Kandji's user-friendly interface is a valuable feature. In our terms, we can see that you can easily learn how to use Kandji. If you see it on the first day, you can use it fast with very correct results. If I run any script, it shows me the correct process, and then I can also check on the user if it has been successful. These are good features, and we can also monitor all of our devices, including MacBooks.
Kandji has positively impacted our organization by making it easy to manage all of our MacBook devices and applications. We find it easy to set up devices in about ten minutes. If I need to provide a new MacBook to any user, it is set up in just five to ten minutes, which makes our work easy, and there are no issues with Kandji when we use the device.
What needs improvement?
In Kandji, I see a drawback related to the remote wipe function. When we need to wipe a MacBook, sometimes the remote wipe command works, and sometimes it does not. This is a drawback because when we remote wipe a device, it should work immediately. However, it often takes more than thirty minutes to execute the command, and sometimes it fails.
The only improvement needed in Kandji is related to the remote wipe issue.
For how long have I used the solution?
In this organization, we have been using Kandji for more than three years.
What do I think about the stability of the solution?
Kandji is very stable.
What do I think about the scalability of the solution?
Kandji's scalability is very good in our organization. It is very easy to use, and I have great appreciation for Kandji.
How are customer service and support?
Customer support is very easy. You just go to the help section and can chat directly to get instant support. You can share screenshots of the problems you are facing.
Which solution did I use previously and why did I switch?
Before Kandji, we used ManageEngine and JumpCloud .
Before using Kandji, it took longer with other tools for Mac such as JumpCloud , where we faced many issues. We had conducted the POC, and it was not easy to use. We needed around forty-five minutes to an hour to set up a new device. With Kandji, we are able to do it in just five to ten minutes, where we only change the name and set it up while Kandji installs all of the necessary applications.
How was the initial setup?
The pricing, setup cost, and licensing experience are good. It is cheap, and we do not encounter any hassle during setup. They help us initially, and after that, we make improvements one by one until we become Kandji experts.
What was our ROI?
We have seen a return on investment in terms of money saved, time saved, and the other benefits of it being very easy to use.
What's my experience with pricing, setup cost, and licensing?
The pricing, setup cost, and licensing experience are good. It is cheap, and we do not encounter any hassle during setup. They help us initially, and after that, we make improvements one by one until we become Kandji experts.
Which other solutions did I evaluate?
We evaluated all of our MDM solutions including ManageEngine and JumpCloud, and then we switched to Kandji.
What other advice do I have?
I will advise others looking into using Kandji that it is very easy and good for you. Once you use it, you will feel the difference. I would rate this product nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Boris Zazovsky
Centralized device control has simplified compliance and security for our Mac environment
Reviewed on Apr 10, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Kandji is to manage our MDM , all of our devices, the softwares that we distribute, and mainly everything regarding the Mac computers in the company.
A specific example of how I use Kandji for managing my devices is that we created Blueprints first, but then they changed it to assignment map. We created an assignment map for all the MacBook computers, meaning we added the softwares that we want to distribute, all the configurations, all the settings, and everything. When there is an enrollment of the device, Liftoff installs all the basic softwares and settings.
Kandji is a great tool with great support, and it is a really unique product that works perfectly.
What is most valuable?
The best features Kandji offers include the easy management possibility and its intuitive interface.
What makes Kandji intuitive and easy to manage is the fact that you have Liftoff and everything is visual to you, allowing you to see the status of the enrollment and how easily you can manage it. The intuitive aspect also includes what is called Kandji Self Service, which is the best because you can see all the applications that you want users to install, and it is very intuitive and easy.
Kandji has positively impacted my organization because it was very easy to implement and manage all of our devices, especially when we manage with the ISO and SOC 2 certifications that we need for our organization. It has impacted the security and the IT aspect of the company very effectively.
What needs improvement?
One thing I think could be improved is what happens when a user gets locked out. Currently, you have to go to recovery and provide the recovery key, and then the user needs to log back in. I think this should be more self-service for the users without the intervention of IT.
For how long have I used the solution?
I have been using Kandji for about three years.
What other advice do I have?
The advice I would give to others looking into using Kandji is to make sure that you create a very good migration plan for your organization so that data will not be impacted. I would rate my overall experience with Kandji as a 9 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Tomas Palmlöf
Unified device control has improved compliance and now saves our team significant daily time
Reviewed on Apr 09, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Kandji is securing and controlling the endpoints. A specific example of how I use Kandji for securing and controlling endpoints is that we are trying to be compliant with NIS 2, so we are controlling the endpoints with endpoint security and controlling security. We know what apps we have and possess total control over the devices.
What is most valuable?
The best features Kandji offers are evident when compared to my long-time experience with Jamf. Jamf is really complicated and brilliant, but Kandji covers 90% of what Jamf does in a much simpler way. You don't need to be a big IT operation to handle Kandji. It has ease of use and more automated functionality.
The factors that make Kandji easier and more automated compared to Jamf include the Auto Apps function, which is brilliant. It takes 20 seconds to push out a new app, and it automatically updates. This function really saves time. The pre-configured blueprints grant you the security level you need and are really automated to the sharpest form.
The features are constantly changing and they are working hard to bring in new things in Kandji, which is really appreciated. Kandji has positively impacted my organization because it saves us time. The support is really good. I would say that we maybe would have to hire one more person in the organization if we hadn't had Kandji. I think it saves at least an hour a day.
What needs improvement?
Kandji can be improved by constantly bringing new features. The Windows part needs a lot of work. I am pretty sure they are working hard to get that up and running, but we are very pleased that we have one system for both device platforms like Windows and Mac. In Windows, there are a lot of features we need because they have just started with Windows. It works and fulfills the base setup, but there is a lot that I think will come in time.
For how long have I used the solution?
I have been working in the IT field as a manager for about 20 to 25 years.
What do I think about the stability of the solution?
Kandji is very stable.
What do I think about the scalability of the solution?
Kandji's scalability is good. It is really good because it is important to have a system that you can grow in. I think Kandji is a perfect choice for growing small companies that become medium-sized or even bigger. I think it is really good.
How are customer service and support?
The customer support is the best I have ever seen.
Which solution did I use previously and why did I switch?
I have used most of them, including Jamf, which is too complex for SMB companies and has a really steep learning curve. In my position, I don't want to do everything hands-on. I need other people in my group to be able to do things, and Jamf has a really steep learning curve. I have used InTune too, and that has the same issue with a really steep learning curve and it is really bad.
What was our ROI?
Though I cannot give you any facts from memory, I have saved money in time. As I said before, there is approximately an hour a day in work hours savings.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is that it is always hard to get budget for these things because management does not always see the upside of an MDM system. I think you have to package it with the security and compliance aspect, then it is easier. However, the price could be cheaper, not much, but somewhat cheaper.
Which other solutions did I evaluate?
Before choosing Kandji, I evaluated both Jamf again and looked at Mosyle. The conclusion was that we wanted one system for all devices, and that is why we chose Kandji, and for their support.
What other advice do I have?
My advice for others looking into using Kandji is to do a demo. Ask Kandji to do a demo for a couple of weeks, try it out, and compare it with the others. That is enough. I think Kandji has found a spot where you can do 90 to 92% of what is possible in an automated way and made it easy. I think that is the bottom line of what Kandji does. I didn't find Kandji; they found me, and I think that was good. I would rate this review a 9 out of 10.
Government Administration
An MDM with a Fast, Intuitive WebConsole That Simplifies Apple Device Management
Reviewed on Apr 08, 2026
Review provided by G2
What do you like best about the product?
What I like best about iru is the ease of use interface that is the iru WebConsole. everything is laid out in a logical fashion, so that an administrator can quickly find and get to, 90% of the tasks that they need to just after logging in.The webconsole is fast to load, and navigating through it is quick and effortless. iru also allows me to group devices into filtered views, so that i can quickly navigate to groups of users to view information on each group/ department, and in their individual records i can see their activity, current state of connectability, and what applications are assigned to each device, helping to remediate issues faster. Support is also robust, with chat support being easy to connect to an Agent and get help right away when I need it. I definitely feel like the value of the product and my ROI are equal.
What do you dislike about the product?
My only two downsides to iru are the Device limit being in packs of 25, and not in smaller increments such as five or ten. Our organization is not that large, so we are more adept at having to add smaller amounts of users than large amounts. My other concern is that iru, in adding features and other capabilities, may not remain core to what makes it great : Apple Device Managment done right. But we will see what the future holds.
What problems is the product solving and how is that benefiting you?
iru is solving our ability to get users onboarded and up and running within 24 hours, which use to take us up to 3 days to do so.