Device Management
Endpoint Detection & Response
Vulnerability Management
Kai
Liftoff
Prism
Migration Agent
Auto Apps
Passport
Compliance
Assignment Maps
Managed OS
Integrations
Mac
iPhone and iPad
Apple TV
Vision Pro
Financial Services
Technology
Artificial Intelligence
Marketing Agencies
Resources Hub
Kandji Blog
Customer Stories
Mac Admins Community
Security Details
MDM Comparison Guide
Customer Support
Product Updates
Kandji Status
Customer Login
Register a Deal
Become a Partner
Partner Portal
About Kandji
News & Press
Careers
Contact
Why Kandji?
Back to Product UpdatesCustomizable Path Exclusions for Volume Encryption Reporting
You can now specify paths to exclude when the Kandji agent evaluates the "Report encryption status of attached APFS and CoreStorage volumes" parameter. This enhancement allows you to:
- Add multiple paths to be ignored during encryption status checks
- Use wildcards in your exclusion paths (e.g.,
/Volumes/Simulator/*) - Reduce unnecessary alerts for volumes that don't require encryption monitoring
When the parameter runs, the Kandji agent will skip the specified paths while still monitoring all other volumes. For transparency, the audit report will include information about which volumes were excluded from the check.
Multiple App Blocking Library Items
Starting today, you can now assign multiple App Blocking Library Items to the same device. This enhancement builds upon our Application Blocking Library Item functionality that was introduced on January 8, 2025.
With this improvement:
- You can create separate App Blocking Library Items for individual applications
- All App Blocking Library Items assigned to a device will be evaluated
- Existing Assignment Maps with multiple App Blocking Library Items will now evaluate all items for a given device, as they are no longer self-conflicting
This change provides greater flexibility in how you scope application blocking policies across your organization, allowing for more granular control over which applications are restricted on specific devices or groups of devices.
We recommend avoiding overlapping rules whenever possible. Doing so may cause unintended results.
