Kolide Fleet was an open-source Osquery Fleet Manager that Kolide released in late 2017.
Effective immediately, Kolide will no longer promote, endorse, support, or update Fleet. Any infrastructure outside of Github supporting downloads or packages will also be retired.
Since we will not be updating Fleet with any security patches or accepting bug bounty reports, it is important that you find a suitable alternative right away.
No. Kolide Launcher is a major component of our SaaS product, and we fervently believe in keeping the endpoint agent technology open-source.
We are proud and humbled by all of the organizations using Fleet today. We think it’s a great solution to monitor server-based infrastructure using Osquery. We recognize many organizations depend on Fleet so retiring it was not a decision we took lightly.
Since 2019, Kolide has found success building a SaaS endpoint security product around the philosophy of Honest Security. This philosophy is about building a foundation of trust between the security team and the end-users of a given organization.
When Fleet is used to obtain visibility on end-user devices, it is not software that enables an honest and accountable relationship between the security team and the end-users who are subject to the data collection Fleet enables.
Specifically, Kolide Fleet allowed administrators to use Osquery to vacuum up large quantities of end-user data without providing those users with any visibility or tools to understand or control that process. Fleet does not hold security practitioners accountable for the data they collect or how it will be ultimately used. In fact, many folks reach out to us asking how to use Fleet and Osquery together to collect things like:
- Web browser history
- Device geolocation
- The contents of private chat conversations
- End-user productivity analysis (what apps are open?, which one is in foreground?, when was the mouse last moved?)
Even though we never would assist administrators of Fleet with these requests, many were able to find ways to obtain this data and ultimately use our product to achieve objectives that are antithetical to our company’s values.
At Kolide these values are non-negotiable and we no longer want to build software under our name and branding that enables those use-cases. Since releasing Fleet we have launched a successful SaaS alternative built to enable our honest security vision.
Given the facts above, we have decided it is in our best interest to retire the project and thoroughly explain our rationale to the community.
Kolide no longer endorses the use of Fleet for monitoring end-user devices.
If you are looking to get additional visibility on end-user devices and want to do it honestly, you should check out our current offering. It’s a refreshing take on how to use technologies like Osquery and Slack to achieve the security team’s goals while simultaneously respecting end-users and their privacy.
If you use Fleet to monitor servers and are looking for a direct migration path check out FleetDM who has built an open-core paid offering on top of the original MIT licensed Kolide Fleet source code.
Also, since Fleet is open source under the permissive MIT license, you are of course free to fork it and build your own version. Our only ask is you do not associate Kolide or our branding as a means of promoting or endorsing any derivative of Fleet you create.
Since we retired Kolide Fleet, several security vulnerabilities in its third party dependencies have been discovered. We do not recommend users of Fleet run the original source code without mitigating these vulnerabilities.