Skip to main content

About Comp AI device agent

Installing Comp AI Device Agent helps you and your security administrator keep your device protected against security threats. Comp AI Device Monitor is a lightweight agent that helps ensure your device meets security compliance requirements. It monitors device configuration, installed software, and security settings to help maintain a secure work environment. Security powered by Comp AI: Your organization uses Comp AI to maintain security and compliance standards. If you have questions, contact your IT administrator.

System Requirements

Operating Systems: macOS 10.14+, Windows 10+ Memory: 512MB RAM minimum Storage: 200MB available disk space
For OS not currently support by the Comp AI device agent, manual evidence will be required of the device’s settings.

Installation Guide

On your org’s portal, click the “Download and Install Comp AI Device Agent” dropdown

Mac OS additional action

For Mac OS, users must enable MDM to complete the installation process:
At the top of your screen, find the Fleet Desktop app which looks like an F made of dots. Click on it and click My Device:My Device PnYou should see a banner that asks you to enable MDM. Click the button:Enable Mdm PnClick the Download button:Click Download Button PnReturn to your Downloads folder and click on fleet-mdm-enrollment-profile.mobileconfig:Downloads Folder PnThe following warning will appear, click OK:Click Ok PnClick the Apple icon in the upper left corner and go to System Settings:System Settings Icon PnIn System Settings, locate and click ‘Profile Downloaded’ in the left-hand column. Double-click on the Comp AI enrollment on the right:Device Management PnClick Install…:Install Comp Ai PnClick Install:Final Install PnEnter Credentials and click Enrol:Enrol PnEnrollment is then complete:Enrollment Complete Pn

Windows 10 & 11

  1. Enable BitLocker
    1. Press Start → type Manage BitLocker → open it.
      👉 Take a screenshot of the BitLocker Drive Encryption window showing “On” for the C: drive.
    2. Select the drive (usually C:) → click Turn on BitLocker.
    3. Save the recovery key to Microsoft Account / USB / secure location.
    4. Restart if prompted.
  2. Screen Lock after 5 Minutes
    1. Press StartSettingsPersonalizationLock screen.
    2. Scroll down → click Screen timeout settings.
      👉 Take a screenshot showing the screen timeout set to 5 minutes.
    3. Set Screen turns off = 5 minutes.
    4. In SettingsAccountsSign-in options → ensure Require sign-in is set to “When PC wakes up from sleep”.
      👉 Take a screenshot of the Sign-in Options page showing this setting
  3. Minimum Password Length (Local Policy)
    1. Press Win + R, type secpol.msc, press Enter.
    2. Go to Account PoliciesPassword Policy.
    3. Set Minimum password length = 8+.
      👉 Take a screenshot of the Password Policy window with “Minimum password length” = 8 or more.
      (If using Microsoft/AD/Azure, enforce via policy centrally and screenshot the policy compliance in the admin portal.)
  4. Automatic Security Updates
    1. SettingsUpdate & SecurityWindows Update.
    2. Select Advanced options → make sure Automatic updates are enabled.
      👉 Take a screenshot of the Windows Update settings page showing automatic updates turned on.
  5. Antivirus (Windows Defender)
    1. SettingsUpdate & SecurityWindows Security.
    2. Open Virus & threat protection → ensure Real-time protection is on.
      👉 Take a screenshot of the Windows Security window showing Real-time protection is ON.
Evidence gathered manually will be uploaded as a comment + attachment to the “Secure Devices” & “Device List” tasks with the users email of the device the evidence is for.

macOS (Monterey, Ventura, Sonoma)

  1. Enable FileVault
    1. Open System Settings (or System Preferences in older versions).
    2. Go to Privacy & SecurityFileVault.
    3. Click Turn On FileVault → enter password.
    4. Record recovery key.
      👉 Take a screenshot of the FileVault settings page showing “FileVault is enabled for the disk.”
  2. Screen Auto-lock (5 min)
    1. System SettingsLock Screen.
    2. Set Start screen saver when inactive = 5 minutes.
      👉 Take a screenshot showing the setting at 5 minutes.
    3. Set Require password after sleep or screen saver begins = Immediately.
      👉 Take a screenshot showing “Require password immediately” is selected.
  3. Minimum Password Length (Mac Lock Screen PW)
    1. Native macOS UI doesn’t enforce; requires Terminal or MDM.
    2. pwpolicy -setglobalpolicy "minChars=8"
    3. 👉 If set via Terminal, take a screenshot of the command output confirming the policy.
    4. If enforced by MDM (Jamf, Intune, etc.), screenshot the compliance screen from the MDM portal.
  4. Automatic Security Updates
    1. System SettingsGeneralSoftware Update.
    2. Click Automatic Updates → enable all options (Install Security Responses & System files, etc.).
      👉 Take a screenshot of the Automatic Updates options screen with all toggles enabled.
  5. Antivirus (XProtect built-in)
    1. macOS automatically runs XProtect in the background.
    2. Simply ensure macOS is fully updated.
      👉 Take a screenshot of the Software Update page showing the Mac is up to date.
Evidence gathered manually will be uploaded as a comment + attachment to the “Secure Devices” & “Device List” tasks with the users email of the device the evidence is for.
I