WHAT IS IT?
Fleet is an open-source device management platform (MDM + visibility) for macOS, Windows, Linux, iOS, Android and Chromebooks. It builds on osquery to query host state in real time and bundles configuration, compliance, software inventory and remediation into a single tool driven through UI, API or GitOps.
WHY IS IT INTERESTING?
- Multi-OS in one console: macOS, Windows, Linux, iOS, Android and ChromeOS managed with the same workflows - no more silos between IT and security teams.
- API-first and GitOps: entire configuration (profiles, scripts, policies) described as YAML, versioned in Git, applied via pipeline. No mandatory clicks.
- Built on osquery: 300+ SQL tables to interrogate any host. Hardware, software, processes, vulnerabilities - everything is queryable.
- Lightweight and modular: features (MDM, vulnerability management, posture) toggle independently. Deploy only what you use.
- Enterprise integrations: native connectors for Snowflake, Splunk, Elastic, Jira, Zendesk, Vanta, GitHub Actions. Plays well with CrowdStrike, SentinelOne, Munki, Ansible.
USE CASES
- Inventory and audit a heterogeneous fleet (employee laptops, prod servers, IoT) from a single source of truth
- Enforce CIS macOS/Windows benchmarks and produce compliance reports (SOC 2, ISO 27001)
- Surface per-host software vulnerabilities and drive remediation via centralized scripts
- Run the MDM lifecycle (enrollment, profiles, remote wipe) on Apple and Windows through a GitOps workflow
- Detection and threat hunting by querying the fleet in SQL via osquery straight from the SOC