How Fleet brings open source to enterprise device management

Let the OSS Enterprise newsletter guide your open source journey! Sign up here.

With much of the world having to rapidly embrace a remote- or hybrid-working ethos, this has created a need for tools that help businesses manage and secure their workforce remotely. IT and security teams aren’t in the same building as their workers and their devices, while much of their computing infrastructure has been offloaded to the cloud — paving the way for device management companies such as Fleet to flourish.

Fleet, in a nutshell, allows companies to “ask questions” about their servers and machines, regardless of their operating system or location. It’s built on a popular open source tool called Osquery, which can be installed on a device (e.g. a laptop) to enable people relevant personnel to query the operating system and quickly return system data. This is particularly important when responding to critical events such as security threats, but it can also be useful for monitoring just about anything that’s happening on a device or server, such as tracking battery health or sending alerts when a users installs an unlicensed app or browser extension.

“Fleet closes the blind faith gap — the platform is a single, authoritative, developer-friendly source of truth for all device data, from servers to laptops, on any operating system,” Fleet cofounder and CEO Mike McNeil told VentureBeat.

A little more than one year after its foundation, Fleet today announced a $5 million seed round of funding from a slew of notable investors, including VC firm CRV and GitLab cofounder and CEO Sid Sijbrandij.

Fleet footed

Osquery was developed initially inside Facebook, with the social networking giant open-sourcing the project in 2014. The framework is pitched as an endpoint agent that gives IT and security teams visibility into their Windows, Linux, and Windows infrastructure — using simple SQL commands, it allows them to query all the devices on a network like they would with a database.

Osquery co-creator Zach Wasserman left Facebook and went on to create a new company called Kolide, which in turn developed an open source platform called Fleet that was designed make it easier to use Osquery in an enterprise setting. However, Kolide’s priorities transitioned away from Fleet to a separate SaaS product, leaving Fleet in the hands of the community who took over the maintenance. Wasserman left Kolide, and after some time as Fleet’s lead maintainer, he partnered with McNeil to launch Fleet Device Management Inc. last October.

The problem, ultimately, is that while Osquery is a powerful protocol and agent in its own right, it needs a scalable server for what could amount to thousands of devices to “phone home” with the latest data, according to McNeil. Moreover, Fleet ushers in a graphical user interface (GUI) and premium and enterprise-grade features such as vulnerability management, a real-time device inventory dashboard, shareable device health reports, compliance policy reporting, and a REST API.

“Fleet is kinda like what GitHub and GitLab do for git,” McNeil told VentureBeat.

It’s worth noting that Fleet is entirely self-hosted and self-managed, with companies able to deploy it on their own in-house infrastructure or any of the public clouds.

Fleet is infiltrating a space that includes mobile device management (MDM) players such as Jamf, an Apple device management platform that hit the public markets back in 2020, and which has gone on to become a $4 billion company. Kandji is a similar concept to Jamf, and recently raised $100 million at a $800 million valuation. But Fleet is a different proposition to these kinds of companies — and it’s cross-platform too.

“Fleet’s feature set is unique, but it works well to fill holes in MDM solutions like Jamf, and in security tools like Rapid7, Crowdstrike, or CarbonBlack,” McNeil explained. Indeed, Fleet can even be used to monitor such tools, to help ensure that endpoint detection and response (EDR) and MDM software is working as it should be.

With flaws such as recently exposed zero-day Log4J vulnerability still fresh in people’s minds, Fleet is perhaps well positioned to capitalize on companies’ heightened sense of awareness around supply chain security. The company recently launched a new vulnerability reporting automation feature, which allows companies to generate tickets every time a new vulnerability (CVE) is published to the National Vulnerability Database — but only for vulnerabilities which actually affect their own infrastructure.

“Today, some startups — and Fortune 100 companies — generate a ticket every time a new vulnerability is published,” McNeil said. “[However], an analyst then has to respond to that ticket and manually search to see which of their computers are affected.”

So with Fleet, companies can effectively save themselves a step by only addressing vulnerabilities that are relevant to them.

The open source factor

As with just about every other commercial open source startup out there, Fleet’s open source foundation is a major selling point for enterprises and startups alike. The code is fully inspectable and modifiable for starters.

“If a team needs a change, they can request a feature, or they can just make the change themselves and try it out — then submit a pull request to share the code with other users,” McNeil said.

As an open source project, any company can of course use Osquery as the basis of their own custom solution. And there is at least one other company doing just that — VC-backed Uptycs pairs a Osquery fork with a proprietary security analytics framework to serve up cross-platform monitoring and threat prevention. However, Uptyics is geared more toward advanced cybersecurity and cloud use cases, rather than the device management fray.

“Some organizations have built their own Fleet-like solution from scratch, to avoid vendor lock-in and allow them to modify the product as needed,” McNeil explained. “But then they’re stuck with maintenance. Fleet enables teams building their own DIY security and IT solutions to get the best of both worlds.”

While McNeil wasn’t at liberty to reveal any paying customers, he did note that they currently have “significant annual recurring revenue” from more than ten companies. However, a slew of big-name businesses have publicly talked about contributing to Fleet or otherwise adopting it in production environments, though it’s not clear if they are referring to the commercial Fleet product or not — but those companies include Snowflake, Uber, Atlassian, Heroku, Dropbox, and Square.

“When we created Osquery at Facebook in 2014, we always imagined open source as the answer for endpoint visibility,” Wasserman added. “Today, Fleet fulfills that vision, and more.”

Other investors Fleet’s seed round include Wasserman’s Kolide cofounder Mike Arpaia; Lyft’s head of security and privacy Nico Waisman; Sumo Logic security GM Greg Martin; Panther Labs’ founder and CEO Jack Naglieri; and Paystack (now owned by Stripe) cofounder and CTO Ezra Olubi.