Iru (Kanji’s) Big Bet on Unified Endpoint Security and Identity
If you have spent the last decade juggling an Apple MDM, a Windows tool, a separate EDR, a vulnerability scanner, and an identity provider that still dreams in LDAP, you are not alone. The modern enterprise security stack often looks like a Rube Goldberg machine built out of acquisitions and half-finished integrations.
Iru, formerly known as Kanji, is betting that CISOs are ready for something different.
In an Innovators Spotlight conversation for Cyber Defense Magazine, I sat down with Jimmy Acosta, Chief Technology Officer at Iru, to talk about how a focused Mac MDM vendor turned itself into a multi-product security and IT platform. The story is part origin myth, part re-platforming saga, and very much a play for the modern cloud first, mostly Mac workforce that wants security without a 50 person IT team babysitting it.
As Jimmy put it early on, the company has been busy. Very busy.
“We rebranded back in October. We kind of relaunch as a multi-product company, and, you know, like that is the thing that we’re talking about here. We’ve been mostly known for device management in Apple, and we recently launched, you know, switched from just being an Apple endpoint solution to a unified endpoint management solution. So now we do Windows and Android and both on both endpoint security. We just recently got into that space as well. So, we have an EDR solution and vulnerability management. And in October, we launched an identity access management solution like workforce identity, and [combined] with the compliance automation solution.”
For CISOs, the punchline is straightforward: one agent, one console, multiple security and IT control planes that are actually designed to work together, rather than duct taped through SIEM rules and brittle APIs.
From frustrated admins to a SaaS native platform
Like many genuinely useful tools in our industry, Iru did not start as a grand platform vision. It started with annoyed admins.
“The founders of the company were, effectively, IT administrators that were doing a lot of deployments, especially on Mac, they were mostly Jamf administrators, and they said, ‘We can do better, right?’ There is a better way of doing this.”
That “better way” became a ground up SaaS take on Apple device management.
“Basically, it’s a reimagining of a device management solution using modern practice and modern techniques. So complete SaaS solution from the ground up. Focus on the end user and the admin experience, so that when you’re using our products, it doesn’t feel like, you know, a lot of these products that are in the market, they are kind of put together through acquisitions. This is like a handcrafted solution that is designed from the ground up to actually provide a delightful experience to our administrators but still maintain the powerful nature of being able to actually do device management.”
Security teams have lived with the “put together through acquisitions” problem for years. Consoles that look like three different products stapled together, reporting that never quite lines up, and agents that step on each other’s drivers are not just annoying, they are risk.
Iru grew up as the opposite of that. It built one product, tightly focused on doing Mac management well, and then broadened out from there. The market responded.
“That’s the original mission, and it’s been a complete success. The company in 2024 grew to a series D round. We have over 6000 customers at the moment. So it’s actually grown. We have a very, very healthy growth rate in ARR, you know, even though we’re in device management.”
In other words, this is not a science project. It is a scaled SaaS business that proved out device management first, then expanded into adjacent security capabilities.
When Macs stopped being an afterthought
If you have been in security long enough, you remember the era when Macs were the weird art director’s laptop in a corner that no one wanted to manage. Iru grew up right as that equation flipped.
Speaker 1, a CISO who actually runs Iru’s agent on his own MacBook, summarized the old mindset neatly:
“Kanji, Iru, used to be kind of an afterthought almost because you had Windows systems that needed to be managed. Oh, and we have some Macs over here, so what are we going to do about them? Oh, let’s do Kanji, right, because that was the way that they were thinking.”
Today Iru sees the opposite pattern, especially in cloud native companies.
“We have a lot of startups and newer companies, like we have about a third of the cloud 100, 150 that are basically our customers. You go to our website, you’ll see Canva, Notion, all of those companies. They all start up with a Mac. And they look at it, you know, back in the day the old, you know, like, if you’re really big enterprise, yes, you know that may we may not be the best fit, but for those companies that are coming in and want to do something from the ground up, that is a new technology stack that actually fits what they do and what they need with a much smaller IT footprint, because we, again, abstract a lot of the complexity, people actually prefer Kanji.”
The interesting twist is what happens next. Once Iru is in the environment for Mac, the rest of the estate comes up in conversation.
“What ends up happening now is, it’s kind of the reverse. We actually are going into our customers and they bring us on for Mac and say, ‘Do you do Windows? Because we have now 20 Windows.’ So, we get a lot of, like, there’s a lot of customers asking for Windows. And we decided to take the plunge, and we launched that in October.”
For CISOs who have inherited mixed estates of Macs from engineering and Windows from everyone else, that shift from “Mac afterthought” to “Mac first” is more than cosmetic. It is a chance to flatten the endpoint security and management stack on top of a single, cloud native foundation.
One agent, vulnerability management, and auto patching that actually closes the loop
Plenty of vendors will talk about “better together.” Fewer can show you where the integration actually eliminates work for your team.
One of Iru’s more compelling stories for security leaders lives right at the intersection of device management, vulnerability management, and patching.
Speaker 1, who has used the product at multiple companies, called out one of the fan favorite features:
“I appreciate it on my MacBook, because I run it on all of my MacBooks, and they’re managed. But I appreciate the fact that it’s always keeping everything up to date.”
Jimmy highlighted how that familiar auto update feature becomes more powerful once you layer on vulnerability management using the same agent.
“Auto apps is one of the key features. Basically, you can configure auto updating through our self-service, and that’s all very configurable and very user friendly, so we don’t go in and get in your way, same thing with updates. And then, you know, just as an example of what we’re doing, our auto update feature now combined with vulnerability management, this is when we’re talking about the Better Together story. When you get a vulnerability that we can detect through, by the way, single agent, same agent, there’s not a multi scrolled agent, so same agent has the same capabilities of plugin architecture. The moment you actually enable vulnerability management; we can immediately let you know that you actually have [an issue] and patch it immediately.”
If your current vulnerability management process looks like this:
- Scanner finds a critical CVE
- Report shows up in someone’s inbox
- A ticket is manually filed for the endpoint team
- Someone eventually pushes a patch through the MDM or configuration tool
you can see the appeal of having detection and remediation share the same telemetry and agent.
As Jimmy puts it:
“You don’t have to have a multi tool like, ‘Okay, I found this vulnerability through my Rapid7, and now I’m going to have to go via my device management, go in and do the update.’ We actually take care of that all in the background.”
And yes, the policy driven controls CISOs expect are part of it.
“If you’re turning on vulnerability management, you’d want to create a policy that says patch immediately if you find a CVSS certain score. That is all configurable on how you want to be able to handle it. We have a relatively near real time solution of being able to actually detect them and being able to actually go in and set up the Auto app to go and patch as soon as possible.”
There is nothing magical about combining those capabilities. What is unusual is having them designed together from day one, rather than bolted together via an acquisition slide deck.
Passwordless identity as a first class citizen
Device management and EDR are table stakes in many environments. Where Iru starts to diverge from the traditional MDM path is its decision to launch a full workforce identity and access management solution built for a passwordless future.
Instead of starting with a directory that drags along two decades of baggage, Iru chose to skip straight to passkeys.
“In our identity management solution, the time was right to launch a new IAM solution that is fully passwordless. So we only support passkeys. That’s it. There’s no passwords. Obviously, if you’re federating against an existing ID or you’re using some other IDP in the back end, we can federate using whatever mode, your password, right, exactly, but we can actually do the native. If you’re using us as a directory, if you’re using us as the, we’re passwordless from day one.”
For CISOs who have spent years fighting phishing, credential stuffing, and users who treat the word “Password1” as a lifestyle choice, this is refreshing.
Jimmy draws a contrast with the previous generation of identity leaders, including his own former employer.
“I come from Okta. A lot of the reason Okta became very successful is because they were able to take a lot of the concepts that were in AD and put it on the cloud, but they needed to support LDAP, and they needed to support [those protocols]. We said, you know what, that’s the technology of the past. We’re just going to go in and work on the future.”
In an era where phishing kits are a commodity and security keys are finally mainstream, that is not a radical statement, but it is a welcome one. It is also a hint at how Iru thinks: do fewer things, in a more opinionated way, and point everything at the modern stack rather than the legacy comfort zone.
Rebranding and rebuilding in motion
Rebranding a SaaS company is a marketing exercise. Rebranding a device management and security company that already sits on thousands of endpoints is an operational and security minefield.
Jimmy joined Iru coming from a larger company and admits that the scope of what the team pulled off surprised him.
“When I joined back in April of last year, I’m coming from a larger company. And when I saw what, you know, I wasn’t aware of the scope of the launch, and I said, oh my God, there’s no way we’re going to be able to do this.”
The company targeted September and ended up shipping in October, which, for something of this magnitude, is practically early.
“October 23 we actually launched the product. It’s amazing. Switching to eru.com was a huge endeavor, because a lot of these devices are enrolled, and the devices are against the kanji.io domain. So it’s been quite a journey, all the certificates, making sure. There is a lot of work that went behind this. I’m impressed how we’ve been able to do that. I think it’s a combination of the tenacity of our leadership, my boss had this vision for some time, and has been laser focused on being able to deliver it. But also, I think the culture and the tech stack allowed us to be able to expand relatively quickly.”
Even the visual details on the endpoints needed careful handling. If you change the icon in the menu bar of a managed device without warning, you do not get a delightful user experience, you get a flood of phishing and compromise tickets.
“When you actually migrate to the new Iru console, which we are, I think, 70 percent of the way done, most of our customers, but we’re letting customers do it at their own pace. Once you do that, we’re going to have a playbook for the administrators. Because all of a sudden now the little bee will become our new logo, which is a jellyfish. We want to make sure that we work with our administrators so that people do not freak out that they are saying, ‘Wait a minute, did my company get compromised? My laptop is showing something new.’”
The jellyfish branding is not just cute trivia, although the story is fun.
“I don’t know if you know what an Iru Kanji is. Iru Kanji is actually a jellyfish. The original name Iru Kanji is the name of the jellyfish. Eventually, at the beginning, they kind of retired the Iru to use it sometime in the future, and they just kept the Kanji. So we’re now back to the original name.”
For security leaders, the important bit is the operational discipline around that transition and the fact that customers are being migrated at their own pace, with a playbook, instead of being surprised by a logo swap that looks exactly like a supply chain attack headline.
Support that is actually staffed by admins
Every vendor claims their support is “world class.” Iru’s argument is refreshingly concrete. They staff support with people who have actually done the job.
“Our support is part of our best, absolutely. Coming from a larger company, typically support in larger companies is not as [strong]. Here we have actual IT admins. Every support person in our company is an IT admin. It is 24 by 5 right now, moving to 24 by 7 soon. Our CSAT is like over 93. It is a really, really, really great customer satisfaction. Support is actually one of the areas that we feel is a great feature. Being able to actually talk to somebody, and it’s as simple as going to your console and start typing, and eventually it gets you to a live person.”
For CISOs, this matters because a platform that covers device management, EDR, vulnerability management, and identity becomes a critical dependency. When something breaks, you do not want to be explaining basic MDM concepts to a tier 1 script reader.
How Iru goes to market
While many SaaS vendors in this space are chasing product led growth and freemium funnels, Iru’s go to market is more traditional and, arguably, more aligned to how midmarket and enterprise security decisions actually get made.
“We’re mostly direct sales. We’ve tinkered a little bit with product led growth. I think we held back a little bit on that because we were launching so many things into the marketplace. We wanted to understand how they were going to receive [them]. We do have some partners that we work on, but that’s still very nascent. I would say 80 to 90 percent of our go to market is direct sales.”
Proof of concept driven evaluations are the norm.
“They do a POC and go through the whole process, correct. But I think there’s a lot of opportunities for growth in all these other areas, like, you know, we’re looking potentially at working with MSPs. Those are in the future, potentially. But right now, our main area of focus is direct sales.”
For CISOs and security leaders, that means you are not being treated as a fly by night self serve signup. You get sales engineers, solution architects, and support that understand your use cases, not just your credit card number.
Why CISOs should care
Strip away the branding stories, jellyfish logos, and personal anecdotes, and what is Iru really trying to offer a CISO?
- A unified agent and console for Mac, Windows, and Android that handles both classic device management and security functions
- Native vulnerability detection and policy driven auto patching bound directly to device management capabilities
- A passwordless first workforce identity platform that does not drag along last decade’s protocols as first class citizens
- Opinionated, cloud native design rather than a grab bag of acquisitions stitched together in a shared CSS file
- Support staffed by actual IT admins, available directly from the console
In a market full of “platform” slides, the snarky take would be that everyone claims to do everything together. The difference with Iru is that the core pieces were designed together and share a common agent and context from the outset.
You still have to do the real work: instrument a POC, validate how the agent behaves on your fleet, integrate with your existing identity stack and SIEM, and dig into the roadmap. But if you are a CISO staring at a growing fleet of Macs, a noisy vulnerability backlog, and a desire to move toward passkeys without losing your sanity, Iru is worth putting on your shortlist.
Call to action for CISOs
If you are evaluating your endpoint and identity strategy for the next three to five years, here are pragmatic next steps:
- Inventory your current endpoint stack
List your Mac and Windows MDM, EDR, vulnerability management, and identity providers. Map where you have overlapping agents, duplicated data collection, and manual handoffs between tools. - Identify two or three “better together” use cases
For example: automated patching of high CVSS vulnerabilities across your Mac fleet, or enforcing passwordless sign in for key SaaS apps from managed devices only. These are the scenarios where Iru’s unified approach should materially reduce friction. - Run a focused POC on a real subset of your fleet
Start where your Mac density is high and your IT team pain is greatest. Validate the single agent behavior, auto app updates, vulnerability detection and remediation flow, and identity integration. Use the same rigor you would apply to an EDR bake off. - Stress test support and operations
File tickets, ask hard questions, and measure response time and depth of expertise. If you are going to rely on a unified platform, you need confidence that you can reach real experts fast. - Plan a phased rollout tied to identity strategy
If you are serious about passkeys and passwordless access, design a migration path where device trust and identity controls reinforce each other, instead of living in islands.
The vendors that will matter most to CISOs over the next decade are the ones that reduce complexity without sacrificing control. If Iru can continue to execute on its unified vision the way it executed on its rebrand and product expansion, it deserves a serious look as one of those vendors.
Author’s Note
The author sat down with Jimmy Acosta, Chief Technology Officer at Iru, for this interview at the 2026 RSAC Conference in San Francisco, held March 23rd to 25th, 2026. The conversation captured here reflects Iru’s strategy and product direction as described during that event.
For more information, please visit www.iru.com.
About the Author
Pete Green is the CISO / CTO of Anvil Works, a ProCloud SaaS company and co-author of “The vCISO Playbook: How Virtual CISOs Deliver Enterprise-Grade Cybersecurity to Small and Medium Businesses (SMBs)”. With over 25 years of experience in information technology and cybersecurity, Pete is a seasoned and accomplished security practitioner.
Throughout his career, he has held a wide range of technical and leadership roles, including LAN/WLAN Engineer, Threat Analyst, Security Project Manager, Security Architect, Cloud Security Architect, Principal Security Consultant, Director of IT, CTO, CEO, Virtual CISO, and CISO.
Pete has supported clients across numerous industries, including federal, state, and local government, as well as financial services, healthcare, food services, manufacturing, technology, transportation, and hospitality.
He holds a Master of Computer Information Systems in Information Security from Boston University, which is recognized as a National Center of Academic Excellence in Information Assurance / Cyber Defense (CAE IA/CD) by the NSA and DHS. He also holds a Master of Business Administration in Informatics.
