Release History

The release history contains a complete list of releases, features, and enhancements.


Introducing Exceptions

You can now use Exceptions to optimize what system activity is monitored and which applications will be ignored by Threat Prevention.

An Exceptions Sets tab has been added to the Plans page in the Jamf Protect web app. From this tab you can create and view Exception Sets and their associated plans. Exception Sets can contain one or more criteria that define the processes or File Paths to exclude.

Jamf Protect currently supports three types of Exceptions:

  • Override Threat PreventionThis is an exception to Jamf Protect's managed malware feed. It provides management capabilities to allow execution of processes that would otherwise be blocked by Threat Prevention.
  • Ignore System Events for AnalyticsProvides management capabilities to optimize performance of the agent by ignoring trusted locations and/or processes on a system event-wide basis.
  • Ignore for AnalyticProvides management capabilities to reduce noise of trusted activity on a per-analytic basis.

For more information, see Exceptions.

Jamf Managed Default Exceptions

Jamf Protect provides a default Exception Set that balances securing your endpoints which may impact the user experience. This Exception Set will be maintained and updated by Jamf.

The Jamf Managed Default Exceptions set can be added to plans in addition to custom Exception Sets created by Jamf Protect administrators.

Jamf Protect Network Threat Prevention Preview

Preview Feature Documentation

Previews give you a first look at upcoming features and functionality, and allow you to provide feedback and submit defects to our software developers. Preview features and documentation are provided for testing purposes and should not be considered final.

Network Threat Prevention is currently available in a Preview capacity to all commercial Jamf Protect customers (not available to education customers). Management of this feature is performed in the Jamf Security RADAR portal, and not in the Jamf Protect web app.

Current Jamf Protect customers can reach out to Customer Success to request access. Eligible customers will be contacted with more details. (2022-04-19)

Introducing Removable Storage Controls

If you are a Jamf Protect administrator, you can now prevent the use of removable storage devices to protect against accidental data loss and unauthorized access. Removable Storage Controls allow you to configure secure removable storage usage for your organization. For example, USB devices can be restricted or allowed based on vendor ID, product ID, device serial number, or encryption status.

The new Device Controls page in the Jamf Protect web app allows you to configure and view Removable Storage Control Sets and view their associated plans. Removable Storage Control Sets can be configured to apply increasingly granular rules applied to all removable storage devices, as well as allow use of specific devices with optional overrides.

Removable Storage Control Sets can be added to plans on the Plans page. Only one Removable Storage Control Set can be associated with any one plan.

Removable storage device restrictions are reported with the EnforcedRemovableDevicePolicy alert, including details about the device and the policy restriction applied.

Users who attempt to mount a removable storage device that has been restricted will see one of the following notifications:

If the removable storage device is prevented:If the removable storage device is read-only:

For more information, see Removable Storage Controls.


This feature is only available for computers with macOS 10.15 or later.

Resolved Issues

  • Removed the ability to uninstall Jamf Protect from computers via the command line or from scripts.

  • The USBInserted event now correctly reports on computers with macOS 12.

  • Threat Prevention and Custom Prevent matches are now properly quarantined if translocated.

Generate Jamf Protect Download URL (2022-02-17)

Introducing Generate Download URL

You can now automate obtaining the latest Jamf Protect installer or uninstaller PKG with a unique security identifier. The Generate Download URL feature provides a URL to the current Jamf Protect PKG without requiring authentication into the Jamf Protect Console or API.

This automatically generated token is unique to your Jamf Protect tenant, and can be rotated if necessary.

For more information, see Downloading the Jamf Protect Package and Plans for Deployment and Uninstalling Jamf Protect.

Change Management (2022-01-24)

Jamf Protect administrators can enable a change freeze to restrict changes to the Jamf Protect agent and its configuration. While a change freeze is active, users will have limited write access to Jamf Protect features.

Banners will be displayed in the Jamf Protect web app notifying users and administrators of an active change freeze.

For more information, see Change Management. (2022-01-20)

Performance Enhancements

  • This release includes data flow optimizations for repeated events that improve the Jamf Protect agent performance and network utilization.