diff --git a/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml b/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
index d21bfcc2a..930f603e1 100644
--- a/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
+++ b/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
@@ -539,7 +539,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain = 'com.apple.loginwindow' AND name = 'com.apple.login.mcx.DisableAutoLoginClient' AND value = 1 LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to prevent login in without a password."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that disables automatic login."
- tags: compliance, hardening, built-in
+ tags: MDM required, compliance, hardening, built-in
 platform: darwin
 contributors: groob
 ---
@@ -550,7 +550,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain = 'com.apple.Terminal' AND name = 'SecureKeyboardEntry' AND value = 1 LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to enabled secure keyboard entry for the Terminal application."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that enables secure keyboard entry for the Terminal application."
- tags: compliance, hardening, built-in
+ tags: MDM required, compliance, hardening, built-in
 platform: darwin
 contributors: groob
 ---
@@ -685,7 +685,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE name='askForPassword' AND value='1';
 description: "Checks that a mobile device management (MDM) solution configures the Mac to enable screen lock."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that enables screen lock."
- tags: compliance, hardening, built-in
+ tags: MDM required, compliance, hardening, built-in
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -729,7 +729,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.SoftwareUpdate' AND name='AutomaticCheckEnabled' AND value=1 LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to automatically check for updates."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that enables automatic updates."
- tags: compliance, CIS, CIS1.2
+ tags: MDM required, compliance, CIS, CIS1.2
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -740,7 +740,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.SoftwareUpdate' AND name='AutomaticDownload' AND value=1 LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to automatically download updates."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that enables automatic update downloads."
- tags: compliance, CIS, CIS1.3
+ tags: MDM required, compliance, CIS, CIS1.3
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -751,7 +751,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.SoftwareUpdate' AND name='AutomaticallyInstallAppUpdates' AND value=1 LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to automatically install updates to App Store applications."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that enables automatic installation of application updates."
- tags: compliance, CIS, CIS1.4
+ tags: MDM required, compliance, CIS, CIS1.4
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -762,7 +762,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.SoftwareUpdate' AND name='CriticalUpdateInstall' AND value=1 LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to automatically download updates to built-in macOS security tools such as malware removal tools."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that enables automatic security and data update installation."
- tags: compliance, CIS, CIS1.5
+ tags: MDM required, compliance, CIS, CIS1.5
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -773,7 +773,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.SoftwareUpdate' AND name='AutomaticallyInstallMacOSUpdates' AND value=1 LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to automatically install operating system updates."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that enables automatic installation of operating system updates."
- tags: compliance, CIS, CIS1.6
+ tags: MDM required, compliance, CIS, CIS1.6
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -784,7 +784,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.applicationaccess' AND name='forceAutomaticDateAndTime' AND value=1 LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to automatically update the time and date."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that enables automatic time and date configuration."
- tags: compliance, CIS, CIS2.2.1
+ tags: MDM required, compliance, CIS, CIS2.2.1
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -795,7 +795,7 @@ spec:
 query: SELECT 1 WHERE EXISTS (SELECT CAST(value as integer(4)) valueint from managed_policies WHERE domain = 'com.apple.screensaver' AND name = 'askForPasswordDelay' AND valueint <= 60 LIMIT 1) AND EXISTS (SELECT CAST(value as integer(4)) valueint from managed_policies WHERE domain = 'com.apple.screensaver' AND name = 'idleTime' AND valueint <= 1140 LIMIT 1) AND EXISTS (SELECT 1 from managed_policies WHERE domain='com.apple.screensaver' AND name='askForPassword' AND value=1 LIMIT 1);
 description: "Checks that a mobile device management (MDM) solution configures the Mac to lock the screen after 20 minutes or less."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that enables the screen saver after inactivity of 20 minutes or less."
- tags: compliance, CIS, CIS2.3.1, CIS5.8
+ tags: MDM required, compliance, CIS, CIS2.3.1, CIS5.8
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -806,7 +806,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.MCX' AND name='forceInternetSharingOff' AND value='1' LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to prevent Internet sharing."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that prevents Internet sharing."
- tags: compliance, CIS, CIS2.4.2
+ tags: MDM required, compliance, CIS, CIS2.4.2
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -817,7 +817,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.applicationaccess' AND name='allowContentCaching' AND value='0' LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to disable content caching."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that disables content caching."
- tags: compliance, CIS, CIS2.4.10
+ tags: MDM required, compliance, CIS, CIS2.4.10
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -828,7 +828,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.AdLib' AND name='forceLimitAdTracking' AND value='1' LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to limit advertisement tracking."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that disables advertisement tracking."
- tags: compliance, CIS, CIS2.5.6
+ tags: MDM required, compliance, CIS, CIS2.5.6
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -839,7 +839,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.icloud.managed' AND name='DisableCloudSync' AND value='1' LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to prevent iCloud Desktop and Documents sync."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile to prevent iCloud Desktop and Documents sync."
- tags: compliance, CIS, CIS2.6.1.4
+ tags: MDM required, compliance, CIS, CIS2.6.1.4
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -850,7 +850,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.security.firewall' AND name='EnableLogging' AND value='1' LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to log firewall activity."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that enables firewall logging."
- tags: compliance, CIS, CIS3.6
+ tags: MDM required, compliance, CIS, CIS3.6
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -861,7 +861,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.loginwindow' AND name='DisableGuestAccount' AND value='1' LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to prevent the use of a guest account."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that disables the guest account."
- tags: compliance, CIS, CIS6.1.3
+ tags: MDM required, compliance, CIS, CIS6.1.3
 platform: darwin
 contributors: GuillaumeRoss
 ---
@@ -872,7 +872,7 @@ spec:
 query: SELECT 1 FROM managed_policies WHERE domain='com.apple.AppleFileServer' AND name='guestAccess' AND value='0' LIMIT 1;
 description: "Checks that a mobile device management (MDM) solution configures the Mac to prevent guest access to shared folders."
 resolution: "Contact your IT administrator to ensure your Mac is receiving a profile that prevents guest access to shared folders."
- tags: compliance, CIS, CIS6.1.4
+ tags: MDM required, compliance, CIS, CIS6.1.4
 platform: darwin
 contributors: GuillaumeRoss
 ---
diff --git a/website/assets/styles/pages/query-library.less b/website/assets/styles/pages/query-library.less
index 825940cfc..a46f4db37 100644
--- a/website/assets/styles/pages/query-library.less
+++ b/website/assets/styles/pages/query-library.less
@@ -36,10 +36,23 @@
 }
 }
+ [purpose='requires-mdm-badge'] {
+ text-transform: uppercase;
+ background: #6A67FE;
+ border-radius: 4px;
+ padding: 4px;
+ font-weight: 700;
+ font-size: 10px;
+ line-height: 10px;
+ display: inline;
+ color: #FFF;
+ text-decoration: none;
+ }
+
 [purpose='query-tag'] {
 font-size: 12px;
 font-weight: 700;
- padding: 4px 8px;
+ padding: 2px 8px;
 border-radius: 20px;
 background-color: #E2E4EA;
 }
diff --git a/website/scripts/build-static-content.js b/website/scripts/build-static-content.js
index 2146766c5..b54dd2b16 100644
--- a/website/scripts/build-static-content.js
+++ b/website/scripts/build-static-content.js
@@ -43,6 +43,7 @@ module.exports = {
 } else if (query.resolution === undefined) {
 query.resolution = 'N/A';// « We set this to a string here so that the data type is always string. We use N/A so folks can see there's no remediation and contribute if desired.
 }
+ query.requiresMdm = false;
 if (query.tags) {
 if(!_.isString(query.tags)) {
 queriesWithProblematicTags.push(query);
@@ -52,8 +53,13 @@ module.exports = {
 let formattedTags = [];
 for (let tag of tagsToFormat) {
 if(tag !== '') {// « Ignoring any blank tags caused by trailing commas in the YAML.
- // Removing any extra whitespace from tags and changing them to be in lower case.
- formattedTags.push(_.trim(tag.toLowerCase()));
+ // If a query has a 'requires MDM' tag, we'll set requiresMDM to true for this query, and we'll ingore this tag.
+ if(_.trim(tag.toLowerCase()) === 'mdm required'){
+ query.requiresMdm = true;
+ } else {
+ // Removing any extra whitespace from tags and changing them to be in lower case.
+ formattedTags.push(_.trim(tag.toLowerCase()));
+ }
 }
 }
 // Removing any duplicate tags.
diff --git a/website/views/pages/query-library.ejs b/website/views/pages/query-library.ejs
index 3112460e7..1db97ac18 100644
--- a/website/views/pages/query-library.ejs
+++ b/website/views/pages/query-library.ejs
@@ -98,11 +98,10 @@
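Review bot: In the second build-static-content.js hunk, the badge depends on an exact match against the literal `'mdm required'`, but the comment above it calls the tag 'requires MDM', names the flag `requiresMDM` (the property is `requiresMdm`) and misspells "ignore". A tag spelled any other way in the YAML, including the comment's own wording, falls through to `formattedTags` as an ordinary tag. The policy is then published without its badge, which is misleading for checks that read `managed_policies` and so only return a meaningful result on MDM-enrolled hosts. I would normalise once with `let normalizedTag = _.trim(tag.toLowerCase());`, compare and push that variable, and reword the comment to `// An 'MDM required' tag sets query.requiresMdm and is left out of the displayed tags.`. The enclosing loop and function begin and end outside the hunk.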
-
-
{{query.name}}
-
- {{tag}} -
+
+
{{query.name}}
+ Requires MDM + {{tag}}