Identify vulnerabilities on devices.
Recognize out-of-policy user behavior.
Pinpoint potential data leaks.
Verify changes made with other systems.
Interpret incidents accurately and make decisions using real device data.
Investigate computers in real-time, asking arbitrary questions.
Notify your team when a CVE is detected, or if a user changes relevant settings.
Perform custom remediation actions using osquery extensions.
Verify whether vulnerable software was actually patched / verify changes made with other systems
Enroll macOS, Windows, and Linux laptops.
Enroll servers and containers in any (or multiple) cloud providers or data centers.
Quickly look up the installed software and OS details for any device.
Identify outdated, vulnerable, or compromised software, apps, and packages.
Identify devices with misconfigurations and MDM enrollment issues.
Verify other agents, like Munki or Falcon, are installed and working properly.
Verify compliance with accurate, up-to-the-minute data from actual devices.
Comply with internal processes, controls, and regulations.
Identify out-of-policy devices.
Modify policies instantly when standards harden or expand.
Measure progress towards compliance goals across teams and individuals.
Audit historical compliance of devices, computers, and teams.
Collect and send accurate security events to any external SIEM or data platform.
Enroll computers, update policies, and scan vulnerabilities in a CI/CD workflow.
Ask your devices anything, using the Fleet GUI, command line, or REST API.
Find out how Fleet can benefit your organization by exploring our docs and community. Want to get up and running quicker? Then try out Fleet locally on your device - you’ll be up and running in minutes.
Install Fleet and osquery locally on your device in less than 5 minutes.Try it out
A growing collection of useful queries for organizations deploying Fleet and osquery.Go to query library
Join the conversation or ask for help in our Slack channel.Join on Slack