Skip to main content

Iru Endpoint Management Integration Setup

This guide walks you through integrating Iru with RAD Security to ingest managed-device inventory and device compliance findings, and to trigger remediation on a device from RAD. Iru is an endpoint management platform. RAD Security connects to the Iru API using an API token and pulls device inventory and compliance posture on a scheduled basis to correlate them with your runtime, cloud, and Kubernetes security data.
Read-only ingestion, with one write action: RAD only reads device inventory and compliance from Iru. The single exception is device remediation — RAD can trigger a remediation action on a device through Iru. That action is RBAC-gated (requires tenant write permission) and recorded as an OCSF Device Control Finding.

Prerequisites

Before you begin, ensure you have:
  • An Iru account with API access
  • Permission to create an API token in Iru
  • Your Iru API URL (the base URL of your Iru API)
  • Access to a RAD Security workspace with integration permissions

Understanding Integration Components

RAD Security authenticates to the Iru API using an API token generated in your Iru account. The token is stored as a secret and never returned by RAD.
The API URL is the base URL of your Iru API endpoint. It is required so RAD targets the correct Iru deployment. Obtain it from your Iru account or administrator.
RAD Security ingests Iru device inventory and compliance via scheduled polling. Data arrives on RAD’s polling cadence rather than being pushed by Iru.

Step 1: Create an API Token in Iru

1

Sign in to the Iru Console

Log in to the Iru console with an account that has permission to manage API access.
2

Generate an API Token

Navigate to the API / access settings and create a new API token. Copy its value.
Copy the API Token immediately. It is typically shown only once at creation time. Store it securely in a password manager or secrets vault.
3

Note Your API URL

Record the API URL (base URL) for your Iru deployment.
Exact console navigation and labels may vary across Iru versions. Consult your Iru documentation or administrator for the current steps to create an API token and confirm your API URL.

Configure in RAD Security

Navigate to your RAD Security workspace and configure the Iru integration with the following parameters:

Required Parameters

ParameterRequiredDescription
API TokenYesIru API token used to authenticate API requests
API URLYesBase URL of your Iru API deployment

Verify Integration

1

Check Connection Status

  1. Navigate to Data Sources > Integrations > Endpoint Management in RAD Security
  2. Locate your Iru integration
  3. Verify the connection status shows as Connected
Your Iru integration is now configured! RAD Security will ingest device inventory and compliance findings from Iru on a scheduled basis.

What Data is Synced

Iru managed devices, mapped to OCSF Device Inventory Info (5001) — hostname, OS, hardware, serial, owner, managed/compliant flags, risk, and first/last-seen timestamps.
Device compliance posture, mapped to OCSF Compliance Finding (2003) and stored as security findings. Feeds unified posture analysis and RADBot.
The one write action — RAD can trigger an Iru remediation on a device. RBAC-gated (tenant write) and recorded as an OCSF Device Control Finding.

Use Cases

Compliance Management

Track device compliance gaps from discovery through remediation across your Iru fleet.

Asset Visibility

Use managed-device inventory to understand your endpoint estate and reduce attack surface.

Threat Response

Trigger Iru remediation on a non-compliant or compromised device directly from RAD.

RADBot Prioritization

Leverage RADBot to prioritize Iru device findings by real-world impact.

Troubleshooting

Possible causes:
  • Incorrect API token
  • The token was revoked or disabled in Iru
Solution:
  • Verify the API token is copied correctly (no extra spaces)
  • Confirm the token is still active in Iru
  • Regenerate the token in Iru and update it in RAD Security if needed
Possible causes:
  • Incorrect or unreachable API URL
Solution:
  • Verify the API URL matches your Iru deployment’s base URL
  • Confirm the URL is reachable and uses the correct scheme (https://)
Possible causes:
  • The account has no devices or compliance data in scope
Solution:
  • Confirm devices exist in the Iru console for the configured account

Security Best Practices

Use a Service Account

Create a dedicated API token for the RAD integration rather than tying it to a personal account.

Least Privilege

Grant only the permissions required to read inventory and compliance, plus remediation if used.

Rotate Credentials

Rotate the API token periodically according to your security policy.

Secure Secret Storage

Store the API token in a secrets vault. Never commit it to version control.

Additional Resources

Endpoint Management Overview

Learn about RAD’s endpoint management integrations

Data Sources

Connect additional security data sources

Next Steps

Endpoint Management Integrations

Explore other endpoint management integration options

Data Sources

Connect additional security data sources

RADBot

Learn how RADBot helps prioritize findings