diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5509140 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.DS_Store diff --git a/Apple/MDM Comparison Table.md b/Apple/MDM Comparison Table.md index 3906834..fb52a02 100644 --- a/Apple/MDM Comparison Table.md +++ b/Apple/MDM Comparison Table.md @@ -2,13 +2,13 @@ ___ > Check out my Blog that started this all: [Evaluating Apple MDM Products | SysManSquad](https://sysmansquad.com/2022/05/03/2022-05-03-evaluating-apple-mdm-products) ___ - # Simple table comparing some basic features of Apple MDM products -### Key +## Key -| **:white_check_mark:** | **Yes** | +| **Icon/Term** | *Description* | |---------------------------|---------------------------------------------------| +| **:white_check_mark:** | Yes | | **:x:** | No | | **:grey_exclamation:** | Maybe or Partial | | **:heavy_minus_sign:** | Not Applicable | 
@@ -18,85 +18,83 @@ ___ | **macOS** | Feature for macOS | | **iOS/iPadOS** | Feature for iOS flavors: iPhoneOS, iPadOS, iPodOS | | **tvOS** | Feature for tvOS (Apple TV) | -| **Server Infrastructure** | Infrastructure feature, not OS-specific | | **watchOS** | Feature for watchOS (Apple Watch) | | **visionOS** | Feature for visionOS (Apple Vision Pro) | +| **Server Infrastructure** | Infrastructure feature, not OS-specific | +## MDM Comparison Table -### MDM Comparison Table - -| **Feature** | **Category** | **OS** | **Meraki SM** | **Jamf** | **Kandji** | **Mosyle** | **Addigy** | **JumpCloud** | **Intune** | **Workspace ONE** | -|---|---|---|---|---|---|---|---|---|---|---| -| **Local agent/binary** | Agent | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **CLI for local agent/binary** | Agent | macOS | :x: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :x: | :x: | :white_check_mark: | -| **Native Teams Integration** | Alerts | Server Infrastructure | :x: | :x: | :white_check_mark: | :x: | :grey_exclamation::asterisk::heavy_dollar_sign: | :x: | :x: | :x: | -| **Native Slack Integration** | Alerts | Server Infrastructure | :x: | :x: | :white_check_mark: | :x: | :grey_exclamation::asterisk::heavy_dollar_sign: | :x: | :x: | :x: | -| **Email Alerts** | Alerts | Server Infrastructure | :white_check_mark: | :white_check_mark::asterisk: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Generic Outgoing Webhook** | Alerts | Server Infrastructure | :white_check_mark: | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | -| **EDR/Antivirus product** | Antivirus | macOS | :grey_question: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :x: | 
:white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | -| **EDR/Antivirus product** | Antivirus | iOS/iPadOS | :grey_question: | :x: | :x: | :x: | :white_check_mark::heavy_dollar_sign: | :x: | -| **Self Service App** | App Delivery | macOS | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | -| **Self Service App** | App Delivery | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | :white_check_mark: | :white_check_mark: | -| **Custom Cloud Content Distribution Network (CDN)** | Content Delivery | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Custom On-Premises Content Distribution** | Content Delivery | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | -| **Apple Business Manager (ABM) VPP Token** | Apple Business Manager | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Custom Configuration Profile support** | Configuration | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Custom Configuration Profile support** | Configuration | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Built-in Notifications to end-user** | App Update | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | -| 
**Built-in Notifications to end-user** | App Update | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | :white_check_mark: | :white_check_mark: | -| **Forced App Installs (within MDM limitations)** | App Delivery | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Forced App Installs (within MDM limitations)** | App Delivery | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Forced App Updates (within MDM limitations)** | App Update | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Forced App Updates (within MDM limitations)** | App Update | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Declarative Device Management support** | Device Management | macOS | :grey_question: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :x: | -| **Declarative Device Management support** | Device Management | iOS/iPadOS | :grey_question: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: beta | -| **Declarative Device Management support** | Device Management | watchOS | :grey_question: | :x: | :x: | :x: | -| **Declarative Device Management support** | Device Management | visionOS | :grey_question: | :x: | :x: | :x: | -| **Apple TV support** | Apple TV | tvOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | 
:white_check_mark: | :white_check_mark: | -| **Apple Watch support** | Apple Watch | watchOS | :white_check_mark: | :x: | :x: | :x: | -| **Apple Vision Pro support** | Apple Vision Pro | visionOS | :x: | :x: | :x: | -| **API - Public Documentation** | Automation | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **API - REST standards** | Automation | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **API - Swagger Documentation** | Automation | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :grey_exclamation: | :white_check_mark: | -| **API - Non-standard** | Automation | Server Infrastructure | :white_check_mark: | -| **Offline mode (cached enforcement by local agent/binary separate from Config Profiles)** | Agent | macOS | :x: | :white_check_mark: | :x: | :x: | :grey_exclamation: | :x: | -| **Blueprint Configuration framework** | Configuration | Server Infrastructure | :x: | :x: | :x: | :white_check_mark: | :x: | -| **Device Groups - Attribute-based membership - Automatic updates** | Configuration | Server Infrastructure | :x: | :white_check_mark: | :x: | :grey_exclamation: | :white_check_mark: | :white_check_mark: | :grey_exclamation: | :white_check_mark: | -| **Device Groups - Attribute-based membership - Interval updates** | Configuration | Server Infrastructure | :x: | :x: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | -| **User Groups - Attribute-based membership - Automatic updates** | Configuration | Server Infrastructure | :x: | :white_check_mark: | :x: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **User Groups - Attribute-based membership - Interval 
updates** | Configuration | Server Infrastructure | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | -| **User Groups - Directory Service group membership** | Configuration | Server Infrastructure | :x: | :x: | :x: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Shared iPad Mode support** | Shared iPad Mode | iPadOS | :grey_exclamation: Education only | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | :white_check_mark: | :white_check_mark: | -| **App Lock - Single App Mode** | Configuration | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :x: | -| **Custom Scripts deployed from Admin Portal** | Configuration | Server Infrastructure | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Restrictions - App Block List** | Configuration | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark::heavy_dollar_sign: | :white_check_mark: | -| **Supervise Device** | Configuration | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Supervise Device** | Configuration | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Apple Business Manager (ABM) MDM Token** | Apple Business Manager | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Automated Device Enrollment (ADE) support** | Enrollment | 
iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Automated Device Enrollment (ADE) support** | Enrollment | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **ADE Package support** | Enrollment | macOS | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | -| **ADE Automatic User Creation from Identity Provider (IdP), like OIDC, Entra ID, Okta, Google Worksapce,etc)** | Enrollment | macOS | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark: | :white_check_mark: | :x: | -| **Directory Integration - Okta** | Configuration | Server Infrastructure | :x: | :x: | :white_check_mark: SCIM | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | -| **Directory Integration - Google Workspace ** | Configuration | Server Infrastructure | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | -| **Directory Integration - Microsoft Entra ID** | Configuration | Server Infrastructure | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Admin Portal - SSO Login** | Identity | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Login Window replacement with IdP** | Identity | macOS | :x: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark: | 
:white_check_mark: | :x: | :x: | -| **IdP Password Sync with local account** | Identity | macOS | :x: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark: | :white_check_mark: | :x: | :x: | -| **Extension Attributes or equivalent** | Inventory | Server Infrastructure | :x: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | -| **Migration agent or package from previous MDM** | Migration | macOS | :x: | :x: | :white_check_mark: | :grey_exclamation: | :white_check_mark: | :x: | :x: | :grey_exclamation: | -| **OS Updates** | OS Update | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **OS Updates** | OS Update | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **OS Updates** | OS Update | tvOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Admin Portal - Custom Access Roles (RBAC)** | Configuration | Server Infrastructure | :x: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | -| **Admin Portal - Pre-configured Roles (RBAC)** | Configuration | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| **Reporting - Built in to Admin Portal (no need to export data for manipulation)** | Reporting | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | 
:white_check_mark::heavy_dollar_sign: | -| **Reporting - Customize within Admin Portal** | Reporting | Server Infrastructure | :x: | :grey_exclamation: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | -| **Built-In - Local Admin Password Solution (LAPS)** | Security | macOS | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | -| **Baselines (Hardening) Pre-built configs** | Compliance | Server Infrastructure | :x: | :x: | :white_check_mark: | :white_check_mark: | :x: | :x: | :x: | -| **Compliance Control** | Compliance | Server Infrastructure | :x: | :x: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :x: | -| **Security Templates** | Security | Server Infrastructure | :x: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | -| **Sandbox instance** | Sandbox | Server Infrastructure | :x: | :white_check_mark: | :grey_exclamation: | :x: | :x: | :x: | :white_check_mark: | -| **Microsoft Conditional Access support** | Security | Server Infrastructure | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | | :white_check_mark: | -| **Okta Device Trust support** | Security | Server Infrastructure | :x: | :x: | :white_check_mark: | :x: | :white_check_mark: | :x: | -| **Other conditional access support** | Security | Server Infrastructure | :x: | :white_check_mark: | | | | | | :white_check_mark: | +| **Feature** | **Category** | **OS** | **Meraki SM** | **Jamf** | **Kandji** | **Mosyle** | **Addigy** | **JumpCloud** | **Intune** | **Workspace ONE** | **Rippling** | +|---|---|---|---|---|---|---|---|---|---|---|---| +|
**Local agent/binary**A vendor-provided GUI app for installation on the local Mac, used to provide capabilities beyond Apple's Device Management framework or notifications. Uses the vendors communication protocol rather that APNS
| Agent | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**CLI for local agent/binary**Command line interface of vendor-maintained/deployed code that provides status/inventory or interaction with admin actions
| Agent | macOS | :x: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :x: | :x: | :white_check_mark: | :x: | +|
**Native Teams Integration**'Batteries included' capability to send as little as admin/monitoring/status messages or as much as approval/creation/update/deletion actions via 'chatops'
| Alerts | Server Infrastructure | :x: | :x: | :white_check_mark: | :x: | :grey_exclamation::asterisk::heavy_dollar_sign: | :x: | :x: | :x: | :white_check_mark: | +|
**Native Slack Integration**Same detail as above
| Alerts | Server Infrastructure | :x: | :x: | :white_check_mark: | :x: | :grey_exclamation::asterisk::heavy_dollar_sign: | :x: | :x: | :x: | :white_check_mark: | +|
**Email Alert**'Batteries included' capability to have 'messages 'pushed' from the MDM
| Alerts | Server Infrastructure | :white_check_mark: | :white_check_mark::asterisk: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Generic Outgoing Webhook**Near-realtime, 'consequential'/to some extent practically useful, outbound HTTP POSTs in at least json if not protobuf/rpc format
| Alerts | Server Infrastructure | :white_check_mark: | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | | :white_check_mark: | +|
**EDR/Antivirus product**Either running locally on the computer or able to cause the MDM to use non-customer 'sourced' intelligence to detect/respond to malware etc.
| Antivirus | macOS | :grey_question: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :x: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | +|
**EDR/Antivirus product**Non-customer 'sourced' intelligence to detect/respond to malware etc.
| Antivirus | iOS/iPadOS | :grey_question: | :x: | :x: | :x: | :white_check_mark::heavy_dollar_sign: | :x: | | | :x: | +|
**Self Service App**Device/user-focused/facing 'store/catalog' or way for end users to interact with info, 'curated' apps/scripts
| App Delivery | macOS | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :x: | +|
**Self Service App**Device/user-focused/facing 'store/catalog' or way for end users to interact with info or 'curated' apps/functions
|| App Delivery | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | :white_check_mark: | :white_check_mark: | :x: | +|
**Custom Cloud Content Distribution Network (CDN)**Vendor-facilitated hosting with at least some redundancy (multiple data center/region), to distribute apps/assets/configs
| Content Delivery | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Custom On-Premises Content Distribution**Some applicable resources can be 'cached' and hosted within a known network/cloud provider region/address space
| Content Delivery | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | | | | :x: | +|
**Apple Business/School Manager (AxM) VPP Token**Can access and account for app licenses purchased via either applicable program
| Apple Business Manager | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Custom Configuration Profile/Declaration/Command support**At least custom configuration profiles (containing arbitrary domains/keys/values/'depths'/data structures, as long as valid in the spec/XML) can be loaded in and distributed with some parity to other 'baked-in' payloads/commands
| Configuration | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Custom Configuration Profile/Declaration/Command support**Same detail as above
| Configuration | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | +|
**Built-in Notifications to device**'Batteries included' capability to send practically useful notifications to enrolled computers
| App Update | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | |:white_check_mark: | +|
**Built-in Notifications to device**Same as above but within platform constraints e.g. vendor's app badging/'toaster' banners
| App Update | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | :white_check_mark: | :white_check_mark: | | :x: | +|
**Enforced Installs**Assuming reasonable criteria for success, can ensure installation occurs when app not present & without MDM protocol/VPP
| App Delivery | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | +|
**Enforced Installs**Within platform limitations, ensure an app is 'locked' on a managed/supervised device
| App Delivery | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | +|
**Enforced Updates**Can ensure when an app is already considered present it can be updated to a functional desired version (without VPP)
| App Update | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | +|
**Enforced Updates**Can ensure a non-latest app version is updated to functional desired version
| App Update | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Declarative Device Management support**Can leverage the updated protocol commands supported by Apple as defined in the [Apple Platform Deployment](https://support.apple.com/guide/deployment) guide
| Device Management | macOS | :grey_question: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :x: | :white_check_mark: | +|
**Declarative Device Management support**Same, for applicable platform
| Device Management | iOS/iPadOS | :grey_question: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: beta | :x: | +|
**Declarative Device Management support**Same, for applicable platform
| Device Management | watchOS | :grey_question: | :x: | :x: | :x: | | | | | :x: | +|
**Declarative Device Management support**Same, for applicable platform
| Device Management | visionOS | :grey_question: | :x: | :x: | :x: | | | | | :x: | +|
**Apple TV support**Can manage applicable platform
| Apple TV | tvOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | :x: | +|
**Apple Watch support**Can manage applicable platform
| Apple Watch | watchOS | :white_check_mark: | :x: | :x: | :x: | | | | | :x: | +|
**Apple Vision Pro support**Can manage applicable platform
| Apple Vision Pro | visionOS | :x: | :x: | :x: | | | | | | :x: | +|
**API - Public Documentation**Provides usable documentation/browser for API endpoints without undue access restriction
| Automation | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**API - REST standards**API is built with reasonable industry standard design, e.g. versioned with consistent URL structure, supports [CRUD](https://en.wikipedia.org/wiki/Create,_read,_update_and_delete) interactions, is not e.g. SOAP or arcane
| Automation | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | :white_check_mark: | +|
**API - Interactive browser/executable support**Provides confirmation/browsing of some API functionality via a browser like [Swagger](https://swagger.io/)/[Postman](https://www.postman.com) or a similar way to simulate/perform interactions
| Automation | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :grey_exclamation: | :white_check_mark: | | +|
**API - Non-standard**While not RESTful, an API 'surface' is provided in a reasonably consumable format at all for practically useful needs
| Automation | Server Infrastructure | :white_check_mark: | | | | | | | | | +|
**Offline mode**When 'air-gap'd or otherwise without server connectivity, can use local agent/binary to enforce (non-config profile) configurations
| Agent | macOS | :x: | :white_check_mark: | :grey_exclamation: Parameters only | :x: | :grey_exclamation: | :x: | | | :white_check_mark: | +|
**Blueprint Configuration framework**A working abstraction is present to make configuration/assets/tasks reusable across devices, resources, and/or users/groups
| Configuration | Server Infrastructure | :x: | :x: | :x: | :white_check_mark: | :x: | | | | | +|
**Device Groups - Attribute-based membership - Automatic updates**Calculation of device group membership happens in near-to-constant time, based on practical attributes
| Configuration | Server Infrastructure | :x: | :white_check_mark: | :x: | :grey_exclamation: | :white_check_mark: | :white_check_mark: | :grey_exclamation: | :white_check_mark: | :white_check_mark: | +|
**Device Groups - Attribute-based membership - Interval updates**Device group membership is recalculated on a scheduled interval
| Configuration | Server Infrastructure | :x: | :x: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | | :white_check_mark: | +|
**User Groups - Attribute-based membership - Automatic updates**Calculation of user group membership happens in near-to-constant time, based on practical attributes
| Configuration | Server Infrastructure | :x: | :white_check_mark: | :x: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | :white_check_mark: | +|
**User Groups - Attribute-based membership - Interval updates**User group membership is recalculated on a scheduled interval
| Configuration | Server Infrastructure | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | | | :white_check_mark: | +|
**User Groups - Directory Service group membership**Server-side group membership can be linked to a database like LDAP/Active Directory
| Configuration | Server Infrastructure | :x: | :x: | :x: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Shared iPad Mode support**Can configure and manage devices in Shared iPad Mode
| Shared iPad Mode | iPadOS | :grey_exclamation: Education only | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :x: | +|
**App Lock - Single App Mode**Can lock a device into a single approved app, including handling to update the app with minimal disruption
| Configuration | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :x: | :x: | +|
**Custom Scripts Deployment**Provides a secure way to distribute and orchestrate execution of arbitrary code in common scripting languages to (applicable) enrolled devices
| Configuration | Server Infrastructure | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Restrictions - App Block List**Can reasonably intercept/prevent the execution of identified unwanted processes
| Configuration | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark::heavy_dollar_sign: | :white_check_mark: | :white_check_mark: | +|
**Supervise Device**Can establish a supervision 'relationship' with a device to provide enhanced MDM features like specific configuration profile payloads
| Configuration | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Supervise Device**Same as above, for iOS/iPadOS devices
| Configuration | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | +|
**Automated Device Enrollment (ADE) support**Can support the enrollment and configuration of macOS devices using Device Enrollment
| Enrollment | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Automated Device Enrollment (ADE) support**Same as above, for iOS/iPadOS devices
| Enrollment | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | +|
**ADE Package support**Allows admins to provide their own arbitrary executable code (e.g. contained in a package) to be delivered at time of ADE enrollment
| Enrollment | macOS | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | | | +|
**ADE Automatic User Creation via Identity Provider (IdP)**The MDM can ensure device authentication at time of provisioning is associated with a user account in an external database/via an identity provider, like (generically) OIDC, Okta, OneLogin, Entra ID, Google Workspace, etc.
| Enrollment | macOS | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | | | :x: | +|
**Directory Integration - Okta**Zooming in on specific vendor support, can integrate and sync with Okta for at group/user visibility/authentication
| Configuration | Server Infrastructure | :x: | :x: | :white_check_mark: SCIM | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :x: | +|
**Directory Integration - Google Workspace **Same as above, for Google Workspace
| Configuration | Server Infrastructure | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | | :x: | +|
**Directory Integration - Microsoft Entra ID**Same as above, for Entra ID
| Configuration | Server Infrastructure | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | +|
**Admin Portal - SSO Login**Admin interface supports SSO login via IdP/SAML/OAuth
| Identity | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Login Window replacement with IdP**Has supported offering to *replace* the native macOS login window with an interface for authenticating to an IdP
| Identity | macOS | :x: | :white_check_mark::heavy_dollar_sign: | :white_check_mark: | :white_check_mark::heavy_dollar_sign: | :white_check_mark: | :white_check_mark: | :x: | :x: | :x: | +|
**IdP Password Sync with local account**Has offering to sync passwords from an IdP with the local macOS user account
| Identity | macOS | :x: | :white_check_mark::heavy_dollar_sign: | :white_check_mark: | :white_check_mark::heavy_dollar_sign: | :white_check_mark: | :white_check_mark: | :x: | :x: | :x: | +|
**Admin-Custom Inventory Collection**Has mechanism to collect/display admin-provided custom/arbitrary inventory criteria, e.g. by enabling the running of scripts/binaries
| Inventory | Server Infrastructure | :x: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | | +|
**Migration agent or package from previous MDM**Provides meaningful end-user facing/backend assistance to migrate/re-enroll devices previously enrolled in another MDM
| Migration | macOS | :x: | :x: | :white_check_mark: | :grey_exclamation: | :white_check_mark: | :x: | :x: | :grey_exclamation: | :x: | +|
**OS Updates**Follows spec to send commands that force devices to new minor or major macOS versions
| OS Update | macOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**OS Updates**Same as above, for iOS/iPadOS devices
| OS Update | iOS/iPadOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | +|
**OS Updates**Same as above, for tvOS devices
| OS Update | tvOS | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | | :x: | +|
**Admin Portal - Custom Access Roles (RBAC)**Can arbitrarily allow/restrict R/W access to admin portal features for identified groups/users
| Configuration | Server Infrastructure | :x: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Admin Portal - Pre-configured Roles (RBAC)**Groups pre-determined elsewhere can allow/restrict collections of features
| Configuration | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +|
**Reporting - Pre-canned**Basic reasonable display of practically useful/relevant data to operating the service without forcing export of logs for external visualizations
| Reporting | Server Infrastructure | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark::heavy_dollar_sign: | | :white_check_mark: | +|
**Reporting - Customize within Admin Portal**Capability to configure persistent metrics or visualizations of the relevant service data
| Reporting | Server Infrastructure | :x: | :grey_exclamation: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark::heavy_dollar_sign: | :white_check_mark::heavy_dollar_sign: | | :white_check_mark: | +|
**Built-In - Local Admin Password Solution (LAPS)**Can manage/rotate local admin account passwords
| Security | macOS | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | | :white_check_mark: | +|
**Baseline (Hardening) Pre-built Configs**Compliance/security-related baseline configuration adherence is natively handled and can be determined/targeted without undue admin effort
| Compliance | Server Infrastructure | :x: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | | :x: | +|
**Compliance Control**Explicit capabilities to enforce specific compliance controls on devices
| Compliance | Server Infrastructure | :x: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | | :x: | +|
**Security Templates**Foundational/commonly-named security-specfic controls are built-in for applying without undue admin effort
| Security | Server Infrastructure | :x: | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | | :white_check_mark: | +|
**Sandbox instance**Supports/provides access to another instance of the service as an environment for isolating/validating service concerns or otherwise
| Sandbox | Server Infrastructure | :x: | :white_check_mark: | :grey_exclamation: | :x: | :x: | :x: | :white_check_mark: | | :x: | +|
**Microsoft Conditional Access support**Directly powers/supports enabling/enforcing Microsoft conditional access policies
| Security | Server Infrastructure | :x: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | | :white_check_mark: | :x: | +|
**Okta Device Trust support**Directly powers/supports enabling/enforcing Okta Device Trust
| Security | Server Infrastructure | :x: | :x: | :white_check_mark: | :x: | :white_check_mark: | :x: | | | :x: | +|
**Other conditional access support**Significantly enables similar policy engine-style access controls
| Security | Server Infrastructure | :x: | :white_check_mark: | | | | | | :white_check_mark: | :white_check_mark: | diff --git a/README.md b/README.md index 06a1c27..9c84de2 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,9 @@ $${\color{red}New!}$$ If you're lucky (unlucky?) enough to get to choose an MDM product for your organization, whether starting new or migrating from an existing one, you need to figure out what your true needs are. -Being prepared to make concessions on superflous items while holding firm on high-priority features is a delicate balance. Ultimately, most admins will have to balance cost, functionality, and learning curve. +Being prepared to make concessions on superfluous items while holding firm on high-priority features is a delicate balance. Ultimately, most admins will have to balance cost, functionality, and learning curve. For more info, check out my blog on Sysmansquad: [Evaluating Apple MDM Products](https://sysmansquad.com/2022/05/03/2022-05-03-evaluating-apple-mdm-products/). ### Managing Apple Devices -To start, check out this [MDM Comparison Table](https://github.com/hkystar35/MDM/blob/main/Apple/MDM%20Comparison%20Table.md) for some mediume-to-high-level info on features of a few leading MDM products. +To start, check out this [MDM Comparison Table](https://github.com/hkystar35/MDM/blob/main/Apple/MDM%20Comparison%20Table.md) for some medium-to-high-level info on features of a few leading MDM products.
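Review bot: Several added rows in the comparison table leave status cells blank (for example the last two cells of the macOS `ADE Package support` row, and cells in the `Directory Integration - Google Workspace`, tvOS `OS Updates`, `Reporting`, `Okta Device Trust support` and `Other conditional access support` rows), and the Key rows visible in this diff do not define what a blank cell means, so a reader cannot tell No from Not Applicable from not yet checked. Fill each blank with an icon from the Key, or add a Key entry for an unverified state. Smaller points in the same hunk: `**Directory Integration - Google Workspace **` has a space before the closing `**`, which stops Markdown renderers from treating the name as bold; `security-specfic` in the `Security Templates` row should be `security-specific`; and `for at group/user` in the Okta row has a stray word.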
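Review bot: The rewritten link line under `### Managing Apple Devices` in README.md still uses an absolute `https://github.com/hkystar35/MDM/blob/main/...` URL for a file that lives in this repository; a relative link such as `Apple/MDM%20Comparison%20Table.md` would keep resolving in forks and on branches other than `main`. The two spelling corrections in this hunk (`superfluous`, `medium-to-high-level`) are fine as they stand.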