StackServicesIru

Iru

Last updated: May 12, 2026

Rationale

Iru is Fluid Attacks' MDM and EDR system.

The main reasons why we chose it over other alternatives are the following:

  • It focuses on macOS and iOS devices.
  • It supports Apple Business, which is critical for maintaining full control of devices.
  • It supports custom policies, which considerably increases flexibility.
  • It supports disk encryption, which is critical for information security.
  • It supports blocking devices and enabling Lost Mode on iPhones, which is critical for handling theft and other contingencies.
  • It has a cleaner and more intuitive UI.
  • It provides a notifications center with native Datadog integration.
  • It is an all-in-one platform that is straightforward to administer.

Alternatives

  • Jamf: The MDM we used before migrating to Iru. It is mature, feature-rich, and supports all our Apple requirements, but has higher complexity and cost and is better suited for large enterprise environments with dedicated IT teams.
  • Fleet: An open-source, cross-platform device management platform built on osquery, but it requires more technical expertise to set up and maintain and lacks native Apple lifecycle management features.
  • Applivery: A unified endpoint management platform focused on app distribution for macOS, iOS, Android, and Windows, but it has limited security and EDR capabilities and is not optimized for Apple-centric environments.
  • ManageEngine: A comprehensive IT management suite including MDM, endpoint security, and IT asset management across multiple platforms, but it has a steep learning curve and is not optimized for Apple-centric environments.
  • Apple Business Manager: Apple's official B2B portal for zero-touch device enrollment and app distribution, but it is not a standalone MDM and provides no EDR or security monitoring capabilities on its own.

Usage

We use Iru as the single platform for device management and endpoint security across all of Fluid Attacks' macOS and iOS devices.

It is used for:

  • MDM: Enrolling devices, enforcing policies, and managing configurations across the entire fleet.
  • Apple lifecycle management: Provisioning devices from scratch through Apple Business Manager with zero-touch setup.
  • App deployment: Distributing and updating software across all managed endpoints from a central catalog.
  • Compliance: Continuously evaluating endpoints against security baselines and generating compliance reports shipped to Vanta.
  • Vulnerability management: Detecting and tracking known vulnerabilities on all managed devices.
  • EDR: Monitoring endpoint activity in real time and responding to threats.
  • Telemetry: Shipping endpoint metrics and security events to Datadog for correlation with the rest of the platform.

IAM

Learn about IAM, an AWS service employed by Fluid Attacks to manage authentication and authorization within the AWS platform.

KMS

Learn about KMS, an AWS service employed by Fluid Attacks for secure storage and use of cryptographic keys in the cloud.

On this page

RationaleAlternativesUsage