Two new MDM and compliance checks are now available for the desktop app:

• Microsoft Intune — Verify whether a device is enrolled in Microsoft Intune. Supports both macOS and Windows.
• Vanta — Detect whether the Vanta compliance monitoring agent is installed and running. Supports macOS, Windows, and Linux.

Both checks can be configured in your organization's policy with warning and blocking actions, just like all other security checks.

These checks are currently available on desktop only.

Configure your policies

XFA now integrates with Noru, a GRC platform that makes compliance manageable for modern teams.

Once connected, XFA automatically syncs your device security data to Noru, giving you:

• Automated compliance - Device security checks are continuously exported as security findings, eliminating manual compliance verification.
• Risk mapping - Each security check is linked to a risk in Noru's risk registry, providing a clear overview of your organization's risk posture.
• Real-time visibility - Findings are synced as they happen, so your compliance dashboard always reflects the current state.

XFA exports 23 security checks across endpoint posture, compliance, configuration, and identity & access categories.

To get started, create an API key in Noru with Write Assets and Write Risks scopes, and connect it from the Integrations page in your XFA dashboard.

Read the announcement | Set up the integration

The XFA app now shows only the security checks that your organization requires, instead of displaying all available checks.

Each organization configures its own policy with specific security requirements. The app now dynamically matches these requirements and shows you exactly which checks apply to you:

• Policy-scoped checks — Only checks defined in your organization's policy are evaluated and displayed.
• Clear status per check — Each check shows whether your device passes, needs attention, or is blocked.
• Not required checks — Checks that don't apply to your organization are marked as "Not required" so you always know what matters.

This makes it much easier to understand what your organization expects from your device and how to stay compliant.

Three new AI-related security checks are now available in your policies:

• Secrets in environment — Detect and prevent exposed secrets in environment variables or runtime context to reduce credential leakage risk.
• Autonomous agents — Detect autonomous agents and require approved controls before allowing access.
• Unguarded elevation — Detect and prevent unguarded privilege elevation that can lead to unauthorized high-privilege actions.

Each check can be configured with warning and blocking actions, just like all other policy checks.

Configure your policies

Policies now support compliance goals, giving you granular control over how and when devices are warned or blocked.

For each security check, you can now configure three separate actions:

• Set your compliance goal — Define the time period in which devices should become compliant (e.g., 30, 60, or 90 days). This goal is only visible to administrators.
• Warn users — Choose when users are informed about a risk: before the compliance goal or on the due date.
• Block a device — Determine when non-compliant devices are blocked from access: before the compliance goal or on the due date.

For version-based checks (OS, browser, reboot), the device detail page now shows timeline badges with the configured goal, warning, and blocking thresholds in days, so you can see at a glance how close a device is to each deadline.

Configure your policies

You can now add notes and tags to devices directly from the dashboard to better organize and track your device inventory.

Notes allow you to add custom descriptions or important information about specific devices. Whether it's tracking device assignments, maintenance schedules, or special configurations, notes help you keep all relevant device information in one place.

Tags provide a quick way to categorize and filter devices based on your organizational needs. Create custom tags for departments, locations, device types, or any other classification system that works for your team.

Both features are accessible from the device details view and can help streamline your device management workflow.

Manage your devices

Visibility is everything when it comes to security. Our latest XFA Dashboard update makes it even easier to have an overview of devices connected to the business apps and a confirmation that your organization is secure.

This update brings a more detailed view of each device’s security health, a centralized overview of device checks that have been performed, and improved visibility across your team, designed to make device security simpler and your team’s productivity higher.

Take a look at what’s new

We're excited to introduce Agentless Sign-In, a new way to access your organization's resources without installing the XFA agent. This feature provides a faster, more flexible authentication experience while maintaining security compliance.

What is Agentless Sign-In?​

Agentless Sign-In allows users to authenticate and verify device compliance without requiring the XFA agent to be installed. This is perfect for users who don't have installation rights, are using shared devices, or simply want the fastest path to access.

Getting Started​

For detailed information about the agentless sign-in process, check out our user guide. For information on how to setup Agentless, check out our documentation.

We're excited to announce that XFA now includes Trends functionality in the dashboard, allowing administrators to track device security improvements and deteriorations over time.

The new trends feature provides valuable insights into your organization's security posture by displaying historical data and patterns. You can now visualize how your device fleet's compliance has evolved, making it easier to identify security trends and take proactive measures.

Current Features​

Currently, you can view trends for:

• OS Out of Date: Track how many devices have outdated operating systems over time

Coming Soon​

We're actively working on expanding the trends functionality to include more comprehensive statistics, giving you deeper insights into:

• Days since last reboot compliance
• Device encryption compliance
• Browser security status
• And many more security metrics

Get Started​

You can explore the new trends feature today by visiting the dashboard. This powerful addition to the XFA dashboard helps you make data-driven decisions about your organization's security policies and understand the impact of your security initiatives over time.

Stay tuned for more trend categories coming soon!

We're excited to announce that XFA now includes Windows Recall validation as a new security check to enhance data protection on Windows devices.

Windows Recall is a feature that automatically captures screenshots and stores sensitive information from your screen. Our new security check ensures that this feature is properly disabled to protect your organization's confidential data.

This security check allows administrators to:

• Detect when Windows Recall is enabled on managed devices
• Warn users about the potential security risks
• Block access to applications until Windows Recall is disabled

By adding this validation, XFA helps organizations maintain better control over data privacy and prevents sensitive information from being inadvertently captured and stored by Windows Recall.