Fleet is the lightweight, programmable telemetry platform for servers and workstations. Get comprehensive, customizable data from all your devices and operating systems — without the downtime risk.
Go to file
Lucas Manuel Rodriguez 4194c44131
Use NVD API 2.0 to download CVE information (#15102)
#14888

@getvictor This is ready for review, but keeping as draft as there are
probably many tests that need amending.

I used the new version of the `./tools/nvd/nvdvuln/nvdvuln.go` to
compare the current vulnerabilities found in our dogfood environment
with the vulnerabilities found by the code in this PR and both results
match:
```
go run -race -tags fts5 ./tools/nvd/nvdvuln/nvdvuln.go --debug --db_dir ./local --software_from_url <dogfood URL> --software_from_api_token <API_TOKEN> --sync 2>&1 | tee out.txt
[...]
CVEs found and expected matched!
```

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Added/updated tests
- [X] Manual QA for all new/changed functionality

---------

Co-authored-by: Victor Lyuboslavsky <victor@fleetdm.com>
Co-authored-by: Victor Lyuboslavsky <victor.lyuboslavsky@gmail.com>
2023-11-21 12:30:07 -06:00
.github Add --coverpkg flag to go test in the Makefile (#15153) 2023-11-20 17:01:19 -06:00
.storybook Update storybook versions (#14841) 2023-11-01 10:54:26 +00:00
.vscode generate js coverage report in CI (#12029) 2023-06-01 17:46:25 +01:00
articles Enroll hosts docs improvements (#14862) 2023-11-20 19:39:41 +01:00
assets update gif for mdm migration (#14471) 2023-10-12 09:28:43 -03:00
changes Use NVD API 2.0 to download CVE information (#15102) 2023-11-21 12:30:07 -06:00
charts Modifying chart to include dependencies (#14758) 2023-11-07 11:16:33 -06:00
cmd Use NVD API 2.0 to download CVE information (#15102) 2023-11-21 12:30:07 -06:00
docs Use NVD API 2.0 to download CVE information (#15102) 2023-11-21 12:30:07 -06:00
ee Enroll hosts docs improvements (#14862) 2023-11-20 19:39:41 +01:00
frontend UI – Add help text, modularize help text styling, misc cleanup (#15252) 2023-11-21 10:16:33 -08:00
git-hooks Optional git hooks (#14074) 2023-10-31 09:59:47 -06:00
handbook Update formula in quarterly reporting (#15223) 2023-11-20 16:11:52 -06:00
infrastructure Host IDP Metadata in dogfood/s3 (#15132) 2023-11-14 13:45:32 -06:00
mdm_profiles Update password profile (#15191) 2023-11-17 13:13:49 -06:00
orbit Downgrade osquery-go due to panics in Shutdown and add more logging (#15017) 2023-11-13 18:29:45 -03:00
pkg Feat windows msmdm (#14837) 2023-11-01 11:13:12 -03:00
proposals Add Fleet server FIPS 140-2 v1 proposal (#13919) 2023-09-19 13:05:14 -03:00
schema (2023-11-17) Regenerate osquery_fleet_schema.json (#15189) 2023-11-17 13:23:11 -06:00
scripts add on-call script (#4781) 2022-03-28 10:00:33 -06:00
server Use NVD API 2.0 to download CVE information (#15102) 2023-11-21 12:30:07 -06:00
terraform add module to enable bringing your own bucket file carving destination (#15206) 2023-11-20 11:26:43 -05:00
test/upgrade Bump github.com/docker/docker from 20.10.23+incompatible to 23.0.4+incompatible (#11259) 2023-04-21 14:53:55 -07:00
tools Use NVD API 2.0 to download CVE information (#15102) 2023-11-21 12:30:07 -06:00
website Website: Update receive-usage-analytics webhook to limit size of requests sent to Datadog. (#15245) 2023-11-21 10:15:59 -06:00
.dockerignore Added support to read jwt and mysql password from a file (#141) 2021-01-04 07:58:43 -08:00
.eslintrc.js Complete removal of Cypress (#13389) 2023-08-18 11:06:12 -06:00
.gitattributes Windows friendly changes after walking through getting started guide (#1441) 2021-07-21 20:49:44 -04:00
.gitignore Modifying chart to include dependencies (#14758) 2023-11-07 11:16:33 -06:00
.gitpod.yml Add gitpod yml (#2915) 2021-11-19 10:03:56 -03:00
.golangci.yml Add Kolide osquery tables 2023-11-01 20:11:35 -06:00
.goreleaser-snapshot.yml use image containing installer deps for fleetdm/fleetctl (#7040) 2022-08-24 12:10:16 +00:00
.goreleaser.yml remove deprecated fields from .goreleaser.yml (#12726) 2023-07-12 10:00:47 -07:00
.npmignore Move fleetdm.com into main Fleet repo (#83) 2020-12-02 14:48:03 -06:00
.prettierignore Complete removal of Cypress (#13389) 2023-08-18 11:06:12 -06:00
.prettierrc.json add prettier and have it format all fleet application code (#625) 2021-04-12 14:32:25 +01:00
.trivyignore 8241 trivy ignore file action (#8345) 2022-10-31 10:50:29 -04:00
babel.config.json Fleet Frontend: Create integration tests QuerySidePanel.tests.tsx (#12179) 2023-06-07 12:01:59 -04:00
CHANGELOG.md Enroll hosts docs improvements (#14862) 2023-11-20 19:39:41 +01:00
CODE_OF_CONDUCT.md Remove @fleetdm.com emails from fleetdm/fleet repo (#882) 2021-05-27 17:19:14 -04:00
codecov.yml Revert codecov changes (#13921) 2023-09-13 16:59:26 -05:00
CODEOWNERS Make Rachael Shaw CODEOWNER of docs (#15129) 2023-11-14 22:53:49 -06:00
docker-compose-redis-cluster.yml Move Redis cluster docker yml to separate file (#11162) 2023-04-12 15:14:28 -04:00
docker-compose.yml Schedule queries on hosts even if automations off (given we now store results) (#14411) 2023-10-11 15:20:06 -03:00
Dockerfile Bump alpine from 3.17.3 to 3.18.2 (#12367) 2023-06-23 12:33:29 -07:00
Dockerfile-desktop-linux Fix fleet desktop linux build (#14877) 2023-11-01 15:29:32 -06:00
Dockerfile.osquery-perf Bump golang from 1.20.3-alpine to 1.20.5-alpine (#12206) 2023-06-23 12:31:37 -07:00
go.mod Use NVD API 2.0 to download CVE information (#15102) 2023-11-21 12:30:07 -06:00
go.sum Updating CPE generator to use new NVD API. (#15018) 2023-11-20 16:10:00 -06:00
LICENSE Update LICENSE (#10) 2020-11-04 19:57:51 -06:00
Makefile Add --coverpkg flag to go test in the Makefile (#15153) 2023-11-20 17:01:19 -06:00
manifest.yml.cloudgov.example cloud.gov deployment (#7611) 2022-09-07 13:30:06 -05:00
package.json Bump axios from 1.2.3 to 1.6.0 (#15088) 2023-11-10 14:07:31 -06:00
postcss.config.js Upgrade Bourbon to 5.1.0 and fix deprecation warnings (#1973) 2019-01-03 12:46:55 -08:00
README.md Link to some of our fav open source repos (#13476) 2023-08-23 07:18:43 -07:00
SECURITY.md Editing security policy (#5333) 2022-05-05 20:29:06 -05:00
tools.go Update notarization to use notarytool (#7962) 2022-09-27 08:25:42 -07:00
tsconfig.json Fleet UI: Convert URLs in Policy resolution text to be clickable links (#13023) 2023-08-18 09:15:23 -04:00
webpack.config.js Upgrade webpack to v5 (#11173) 2023-04-14 07:58:54 -07:00
yarn.lock Bump axios from 1.2.3 to 1.6.0 (#15088) 2023-11-10 14:07:31 -06:00

Fleet logo, landscape, dark text, transparent background

News   ·   Report a bug   ·   Handbook   ·   Why open source?   ·   Art

Open-source platform for IT and security teams with thousands of computers. Designed for APIs, GitOps, webhooks, YAML, and humans.

A glass city in the clouds

What's it for?

Organizations like Fastly and Gusto use Fleet for vulnerability reporting, detection engineering, device management (MDM), device health monitoring, posture-based access control, managing unused software licenses, and more.

Explore data

To see what kind of data you can use Fleet to gather, check out the table reference documentation.

Out-of-the-box policies

Fleet includes out-of-the box support for all CIS benchmarks for macOS and Windows, as well as many simpler queries.

Take as much or as little as you need for your organization.

Supported platforms

Here are the platforms Fleet currently supports:

  • Linux (all distros)
  • macOS
  • Windows
  • Chromebooks
  • Amazon Web Services (AWS)
  • Google Cloud (GCP)
  • Azure (Microsoft cloud)
  • Data centers
  • Containers (kube, etc)
  • Linux-based IoT devices

Lighter than air

Fleet is lightweight and modular. You can use it for security without using it for MDM, and vice versa. You can turn off features you are not using.

Openness

Fleet is dedicated to flexibility, accessibility, and clarity. We think everyone can contribute and that tools should be as easy as possible for everyone to understand.

Good neighbors

Fleet has no ambition to replace all of your other tools. (Though it might replace some, if you want it to.) Ready-to-use, enterprise-friendly integrations exist for Snowflake, Splunk, GitHub Actions, Vanta, Elastic Jira, Zendesk, and more.

Fleet plays well with Munki, Chef, Puppet, and Ansible, as well as with security tools like Crowdstrike and SentinelOne. For example, you can use the free version of Fleet to quickly report on what hosts are actually running your EDR agent.

While most folks prefer to use one or the other, Fleet can also coexist peacefully with Rapid7 and other agent-based vulnerability scanners. This can be useful during migrations.

Free as in free

The free version of Fleet will always be free. Fleet is independently backed and actively maintained with the help of many amazing contributors.

Longevity

The company behind Fleet is founded (and majority-owned) by true believers in open source. The company's business model is influenced by GitLab (NYSE: GTLB), with great investors, happy customers, and the capacity to become profitable at any time.

In keeping with Fleet's value of openness, Fleet Device Management's company handbook is public and open source. You can read about the history of Fleet and osquery and our commitment to improving the product.

Is it any good?

Fleet is used in production by IT and security teams with thousands of laptops and servers. Many deployments support tens of thousands of hosts, and a few large organizations manage deployments as large as 400,000+ hosts.

Chat

Please join us in MacAdmins Slack or in osquery Slack.

The Fleet community is full of kind and helpful people. Whether or not you are a paying customer, if you need help, just ask.

Contributing   Run Tests   Go Report Card   CII Best Practices   Twitter Follow  

The landscape of cybersecurity and IT is too complex. Let's open it up.

Contributions are welcome, whether you answer questions on Slack / GitHub / StackOverflow / LinkedIn / Twitter, improve the documentation or website, write a tutorial, give a talk at a conference or local meetup, give an interview on a podcast, troubleshoot reported issues, or submit a patch. The Fleet code of conduct is on GitHub.

What's next?

To see what Fleet can do, head over to fleetdm.com and try it out for yourself, grab time with one of the maintainers to discuss, or visit the docs and roll it out to your organization.

Production deployment

Fleet is simple enough to spin up for yourself. Or you can have us host it for you. Premium features are available either way.

Documentation

Complete documentation for Fleet can be found at https://fleetdm.com/docs.

License

The free version of Fleet is available under the MIT license. The commercial license is also designed to allow contributions to paid features for users whose employment agreements allow them to contribute to open source projects. (See LICENSE.md for details.)

Fleet is built on osquery, nanoMDM, Nudge, and swiftDialog.