How Fleet Brings Open Source to Enterprise Device Management


Much of the world has rapidly had to adopt a remote or hybrid working philosophy, creating a need for tools that help companies manage and secure their remote workforce. IT and security teams are no longer in the same building as their employees and devices, and much of their IT infrastructure has been offloaded to the cloud, paving the way for device management companies such as Fleet to blossom.

Fleet, in a nutshell, allows companies to “ask questions” about their servers and machines, regardless of operating system or location. It is built on a popular open source tool called Osquery, which can be installed on a device (e.g. a laptop) to allow relevant personnel to query the operating system and quickly return system data. This is especially important when responding to critical events such as security threats, but it can also be useful for monitoring just about anything happening on a device or server, such as tracking battery health or sending alerts when a user installs an unlicensed app or browser extension.

“Fleet bridges the gap of blind faith – the platform is a single, authoritative, developer-friendly source of truth for all device data, from servers to laptops, on any operating system,” Fleet co-founder and CEO Mike McNeil told VentureBeat.

Just over a year after its founding, Fleet today announced $5 million in seed funding from a slew of notable investors, including venture capital firm CRV and GitLab co-founder and CEO Sid Sijbrandij.

Floats at the feet

Osquery was originally developed within Facebook, with the social media giant open-sourcing the project in 2014. The framework is billed as an endpoint agent that gives IT and security teams visibility into their macOS, Linux, and Windows infrastructure. Using simple SQL commands, it allows them to query all devices on a network as they would a database.
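
The kind of query described above, as an added example that is not taken from the article or from Fleet: two osquery SQL statements covering the browser-extension and battery cases mentioned earlier. The allowlisted extension identifiers and the cycle-count threshold are constructed placeholders, and the `battery` table is assumed to be available on the queried platform.

```sql
-- Added example: osquery SQL, runnable in the osqueryi shell.

-- 1. Chrome extensions installed by any local user that are not on an
--    approved list. chrome_extensions is a per-user table, so it is joined
--    to users on uid; without a uid constraint osquery returns rows only
--    for the user the agent runs as.
SELECT u.username,
       e.name,
       e.identifier,
       e.version,
       e.path
FROM users AS u
CROSS JOIN chrome_extensions AS e USING (uid)
WHERE e.identifier NOT IN (
        'approved-extension-id-1',   -- constructed placeholder
        'approved-extension-id-2'    -- constructed placeholder
      )
ORDER BY u.username, e.name;

-- 2. Battery health, reported only for batteries past a cycle-count
--    threshold (800 is a constructed value, not a vendor limit).
SELECT model,
       cycle_count,
       health,
       percent_remaining
FROM battery
WHERE cycle_count > 800;
```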

Osquery co-creator Zach Wasserman quit Facebook and started a new company called Kolide, which in turn developed an open-source platform called Fleet that was designed to make it easier to use Osquery in an enterprise environment. However, Kolide’s focus shifted from Fleet to a separate SaaS product, leaving Fleet in the hands of the community, which took over maintenance. Wasserman left Kolide and, after a time as Fleet Maintenance Manager, he partnered with McNeil to launch Fleet Device Management Inc. last October.

The problem, ultimately, is that while Osquery is a powerful protocol and agent in its own right, it needs a scalable server for what could be thousands of devices to “call home” with the latest data, according to McNeil. Additionally, Fleet ushers in a graphical user interface (GUI) and premium and enterprise-grade features such as vulnerability management, a real-time device inventory dashboard, shareable device status reports, compliance policy reports and a REST API.

“Fleet is kind of like what GitHub and GitLab do for git,” McNeil told VentureBeat.

Above: Fleet Inventory Management: Monitor devices and find all device data using SQL queries

It should be noted that Fleet is fully self-hosted and self-managed, with companies able to deploy it on their own internal infrastructure or on one of the public clouds.

Fleet is entering a space that includes mobile device management (MDM) players such as Jamf, an Apple device management platform that hit public markets in 2020 and has grown into a $4 billion company. Kandji is a similar concept to Jamf, and recently raised $100 million at an $800 million valuation. But Fleet is a different proposition from these types of businesses, and it’s also cross-platform.

“Fleet’s feature set is unique, but it works well to fill the gaps in MDM solutions like Jamf and security tools like Rapid7, Crowdstrike, or CarbonBlack,” McNeil explained. Indeed, Fleet can even be used to monitor these tools, to ensure that endpoint detection and response (EDR) and MDM software are working as they should.

With flaws such as the recently exposed Log4J zero-day vulnerability still fresh in people’s minds, Fleet may be well positioned to capitalize on companies’ increased awareness of supply chain security. The company recently launched a new vulnerability reporting automation feature, which allows organizations to generate tickets whenever a new vulnerability (CVE) is published in the National Vulnerability Database, but only for vulnerabilities that actually affect their own infrastructure.

“Today, some startups — and Fortune 100 companies — generate a ticket every time a new vulnerability is published,” McNeil said. “[However], an analyst should then respond to that ticket and perform a manual search to see which of their computers are affected.”

Thus, with Fleet, companies can save themselves a step by only addressing the vulnerabilities that concern them.

But what about smartphones, which now serve as the primary computing device for many – can’t Fleet/Osquery be used to monitor Android and iOS devices in the workforce? The simple answer is “not yet”, mainly due to the inherent restrictions that Google and Apple have around things like API access and sandboxing, while Android specifically is “very fragmented”, with many instances of the operating system in the wild.

Add to that the fact that mobile devices typically contain a lot of sensitive personal data – something the folks at Fleet don’t really want to get involved with – and it becomes clear why it’s focusing on server and desktop/laptop environments at the moment.

The open source factor

As with almost every other commercial open source startup, Fleet’s open source foundation is a major selling point for businesses and startups. For starters, the code is fully inspectable and editable.

“If a team needs a change, they can request a feature, or they can just make the change themselves and try it out, then submit a pull request to share the code with other users,” McNeil said.

Because Osquery is an open source project, any company can of course use it as the basis for their own custom solution. And there’s at least one other company doing just that – VC-backed Uptycs combines an Osquery fork with a proprietary security analytics framework to provide cross-platform monitoring and threat prevention. However, Uptycs is more focused on advanced cybersecurity and cloud use cases, rather than device management.

“Some organizations have created their own Fleet-like solution from scratch, to avoid vendor lock-in and allow them to modify the product as needed,” McNeil explained. “But then they get stuck with the maintenance. Fleet allows teams to create their own DIY security and IT solutions to get the best of both worlds.”

While McNeil wasn’t free to reveal paying customers, he noted that they currently have “significant annual recurring revenue” from more than ten businesses. However, a large number of well-known companies have publicly spoken of contributing to Fleet or adopting it in production environments, although it is unclear whether they are referring to the commercial Fleet product or not – but these companies include Snowflake, Uber, Atlassian, Heroku, Dropbox and Square.

“When we created Osquery at Facebook in 2014, we always envisioned open source as the answer to device visibility,” Wasserman added. “Today, Fleet is realizing that vision, and more.”

Among other investors, Fleet’s round includes Wasserman’s Kolide co-founder Mike Arpaia; Nico Waisman, security and privacy officer at Lyft; Sumo Logic’s Chief Security Officer, Greg Martin; Jack Naglieri, founder and CEO of Panther Labs; and Paystack (now owned by Stripe) co-founder and CTO Ezra Olubi.
