At the contact interval specified in the MDM tab of the Server Settings the server schedules a command to update the device info/inventory. You'll actually see these in the Command Queue section at the bottom of the Mobile Devices window. iOS then responds with the inventory for the device at that time. The Mobile Device Last Contact info time denotes the last time an inventory was received from the device so that's how old the application inventory data is. I don't see how there could be any unauthorized apps on the device that wouldn't show up in the inventory unless it's no longer under MDM management or is jailbroken.
Is the MDM enrollment profile locked down the iPads with a DEP profile so that it cannot be removed by the enduser? If someone did in fact remove the MDM enrollment profile the device typically would no longer show up as managed and would grayed out and missing bunch of the inventory categories. Also the Mobile Device Last Contact info item would be way in the past from when the enrollment profile was removed.
Could be also the student is just blowing smoke.
Thanks for your response Bao. I meant to say where on the iPad does the MDM get the apps list from? I am not aware of the inner workings of an iPad. Is there a program files directory somewhere on there like in Windows where the MDM gets the apps list? Does it go by the icons that are on the home screen? I was just curious if there was a way for them to hide this information somehow.
The MDM enrollment profile is locked down with a DEP profile. It is not jailbroken and is still managed according to the MDM. We disabled the Apple Store on their devices so they can only install what we provide for them in the Absolute Store. When a teacher approached me about the student I told her that if he installed something he shouldn't have I would see it. I did have a feeling that the student is blowing smoke when I first heard about it, but I just wanted to make absolutely sure that there wasn't a way for them to hide it.
The LANrev server is making a call to Apple's MDM APIs to request a list of non-built in apps. These will be 3rd party apps for the most part. Sometimes you'll see some apps that are installed by iOS automatically that are not part of the base iOS installation, e.g. Find Friends, Find iPhone, iBooks, and Podcasts.