XFA & Thoropass integration

XFA gives you full visibility into every device accessing your work platforms, which helps you prove and maintain compliance with ease. Together with Thoropass, XFA ensures your device fleet meets security standards continuously.

Discover devices, raise awareness, enforce protection. In just minutes.

Discover devices,
raise awareness,
enforce protection.

We integrate with your Identity Provider, discover all connected devices, check their security, and enforce compliance-ready access controls.

1

Discover every device accessing your platforms

XFA can identify all devices accessing your business tools and reveal those that might otherwise go unnoticed, ensuring you have a clear understanding of your device landscape without compromising user privacy.

More about discovery ->
2

Boost security awareness company-wide

Give your team the tools to stay vigilant about device security. XFA lets you send automated reminders and verification requests as needed. Access weekly reports for a clear view of your company's security posture.

More about awareness ->
3

Enforce device security across your organization

Ensure only secure devices access your business platforms. XFA checks key security settings like auto-updates and encryption. With these insights, you can then enforce conditional access, integrating seamlessly with Microsoft, Google, Okta, and others.

More about enforcement ->

Simplify security and compliance with XFA and Thoropass

XFA brings real-time visibility into the security health of every device connected to your work platforms. Integrated with Thoropass, it makes endpoint security a seamless part of your compliance stack, without the overhead.

Low effort, high impact

XFA enables employees to work securely on any personal or preferred device, from anywhere, without delays. When combined with Thoropass, this flexibility supports compliance goals while maintaining a smooth experience that boosts both happiness and productivity.

Automatic gap analysis

While Thoropass tracks your compliance controls, XFA ensures that only secure devices access your systems. Whether managed or unmanaged, every device is visible, continuously monitored, and assessed. There are no blind spots, and no assumptions.

Awareness that scales

Users are automatically guided through installation and security checks. Issues are resolved before access is granted to business applications. This reduces friction, removes the need for MDM, and ensures compliance without involving IT at every step.

1

Get started with XFA

Provide your details and the details of your organization to create an XFA account.

component image

Questions?

We have answers.

Yes. Many device security and MDM requirements focus on keeping devices up-to-date, encrypted, and automatically locked. XFA can verify all these checks and automatically export the evidence to Thoropass to fulfill the required tests and controls.
Approximately twice per hour.
XFA discovers and identifies all devices accessing your business platforms, detecting security risks such as outdated software, missing encryption, and non-compliant security settings. It integrates with identity providers to enforce access policies, ensuring only secure devices can connect.

The XFA app verifies device security and provides clear remediation steps. Non-compliant devices are blocked until security requirements are met, preventing breaches and maintaining compliance.
Traditional MDM solutions require users to surrender control of each device to your IT security team, which can be difficult to scale and lacks the flexibility needed for a modern workforce. XFA provides a modern alternative by continuously discovering all devices accessing your business platforms, including managed, personal, and contractor devices.

Rather than imposing rigid controls, XFA verifies each device's security status based on your organization's policies, such as updated software, missing encryption, or non-compliant security settings. XFA prevents breaches through awareness and guides users through clear remediation steps before granting access.
XFA continuously analyzes authentication logs from identity providers to discover all devices, including managed and unmanaged ones. To verify their security compliance, users install the XFA app on their devices without granting administrator permissions. This ensures organizations can enforce security policies while maintaining user privacy, so only the device's security status is shared.
XFA can be deployed in minutes. Once connected to your identity provider, it automatically starts discovering devices, giving you instant visibility into all devices accessing your business platforms. From the next login, employees are guided through a quick three-minute self-onboarding process to install the XFA app on their devices without requiring administrator permissions. This ensures devices are verified for security compliance with minimal IT effort.

Need extra help deploying XFA? We offer three months of dedicated onboarding support as an optional add-on. Talk to sales. →
XFA performs checks across various device types, including outdated operating systems, disabled disk encryption, missing or installed password managers, and outdated browsers, among others. Additionally, XFA checks device security events to know about Common Vulnerabilities and Exposures (CVEs), helping organizations identify and address potential threats before they become a risk.
XFA secures BYOD devices by enforcing security policies at the identity level rather than taking full device control. Employees can continue using their personal devices while ensuring they meet security and compliance requirements. When a device is non-compliant, XFA blocks access and guides users through remediation steps before granting access. This ensures security and compliance while maintaining user privacy.
Yes, but where other security verification is needed. Employees install the lightweight XFA app on their desktop or mobile device to confirm compliance with security standards, without granting administrator permissions for full device control.

XFA only verifies that essential security features, such as encryption and software updates, are enabled and up to date. This supports security and compliance while maintaining user privacy.

Want to scale your security?

Let's talk.

Want to scale your security?