Meta pixel

Endpoint operations

Focus on data, not vendors

A device verifying compliance for every endpoint
Simplify security tooling

Consolidate your security tooling on top of open data standards like YAML, SQL, and JSON.

Ship data to any platform

Export anything. Ship data to any platform like Splunk, Snowflake, or any streaming infrastructure like AWS Kinesis and Apache Kafka.

Pulse check anything

Simplify security audits, build definitive reports, and discover and verify ongoing compliance for every endpoint, from workstations to data centers.

an opening quotation mark

I love the steady and consistent delivery of features that help teams work how they want to work, not how your product dictates they work.

Daniel Grzelak

Daniel Grzelak

CISO

PlayPlay video
PlayPlay video

Simplify security tooling

Consolidate your security tooling on top of open data standards like YAML, SQL, and JSON.

Incident response (IR)
Incident response (IR)

Contain and recover from breaches using live data, remote commands, and automated workflows.

Detection and response
Detection and response

Ship logs and alerts when unusual behavior is detected. Run scripts on demand or when alerts trigger.

File access monitoring (FIM)
File access monitoring (FIM)

Specify files to monitor for changes or deletions, then log those events to your SIEM or data lake.

Attack surface management
Attack surface management

Discover security misconfigurations and vulnerabilities and prioritize risks that matter to your organization.

Malware detection
Malware detection

Continuously scan host filesystems for indicators of compromise (IOC). Import malware signatures from threat intelligence sources.

Osquery made easy
Osquery made easy

Collect exactly the data you need from your production infrastructure across every cloud and data center*.

*Companies like Fastly and Gusto use Fleet in production with hundreds of thousands of endpoints, including containers, OT, and laptops.

Ship data to any platform

Export anything. Ship data to any platform like Splunk, Snowflake, or any streaming infrastructure like AWS Kinesis and Apache Kafka.

Extract data and correlate it with your log aggregator, SIEM, or data lake.

Ease your logging burden, pull the data you need.

Ship data to any platform

Pulse check anything

Simplify security audits, build definitive reports, and discover and verify ongoing compliance for every endpoint, from workstations to data centers.

Software and asset inventory
Software and asset inventory

Get visibility into all endpoints across any operating system*, including support for servers and containers in every cloud infrastructure.

EDR health checks
EDR health checks

Verify that your EDR tools are installed and working so you can identify and address configuration issues quickly.

Automatic posture assessment
Automatic posture assessment

Keep all your endpoints* compliant with customizable baselines, or use common benchmarks like CIS.

See logins for every endpoint
See logins for every endpoint

Identify who logs in to any system, including login history and current sessions.  Look up any computer by the email address of the person using it.

Verify updates and settings
Verify updates and settings

Track progress towards deadlines for security posture remediation projects, and enforce due dates through automations.

*Currently limited to: macOS, Linux, Windows, Chromebooks, OT, data centers, Amazon Web Services (AWS), Google Cloud (GCP), and the Microsoft Cloud (Azure).

Ship data to any platform

Osquery on easy mode

Accelerate deployment and get more out of osquery. You don’t need to be an osquery expert to get the answers you need from your devices, Fleet takes care of some of that for you.

Remotely disable/enable agent features, choose plugins, and keep osquery up to date.

Import community queries from other security teams at top brands like Palantir and Fastly.

Implement the Center for Internet Security (CIS) benchmarks (one click, 400+ queries, supported by Fleet). Or customize exactly the queries you need.

Who else uses Fleet?

Empowering security and IT teams, globally

Open-source endpoint ops

Focus on data, not vendors