diff --git a/handbook/company/pricing-features-table.yml b/handbook/company/pricing-features-table.yml index 31d103b2f0..6c56057799 100644 --- a/handbook/company/pricing-features-table.yml +++ b/handbook/company/pricing-features-table.yml @@ -1,3 +1,496 @@ +# [?]: To generate new ASCII art headings used in this file, you can use the @mikermcneil/kit npm package. See https://github.com/mikermcneil/kit for more details +# +# Example feature: +# - industryName: Feature name - Displayed on the features table on fleetdm.com/pricing +# tier: The tier of Fleet that users can use this feature on. Either "Free" or "Premium" +# description: Description of feature - This value is added to the tooltip for this feature on fleetdm.com/pricing +# pricingTableCategories: [Array] - The section of the pricing features table this feature is. in. Supports multiple categories, but it is usally best to pick one. Supported values: "Support", "Integrations", "Deployment", "Endpoint operations", "Vulnerability management", "Device management". +# documentationUrl: URL of relavant Fleet documentation - If provided with a description, this link will be added to the tooltip for this feature +# usualDepartment: The type of buyer who would be interested in this feature. Supports "IT" or "Security". This value determines what category switcher this feature is under. +# productCategories: [Array] - The product category this feature is under. Supported values: "Vulnerability management", "Endpoint operations", "Device management". (Currently not used by the Fleet website UI) +# moreInfoUrl: URL where users can learn more about this feature - Not used on the pricing page currently +# jamfProHasFeature: Whether or not Jamf Pro has this (or a comparable) feature. Supported values: "yes", "no" or "appleOnly" (currently not used by Fleet website UI) +# jamfProtectHasFeature: Whether or not Jamf Protext has this (or a comparable) feature. Supported values: "yes", "no" or "appleOnly" (currently not used by Fleet website UI) +# +# ██████╗ ███████╗██╗ ██╗██╗ ██████╗███████╗ +# ██╔══██╗██╔════╝██║ ██║██║██╔════╝██╔════╝ +# ██║ ██║█████╗ ██║ ██║██║██║ █████╗ +# ██║ ██║██╔══╝ ╚██╗ ██╔╝██║██║ ██╔══╝ +# ██████╔╝███████╗ ╚████╔╝ ██║╚██████╗███████╗ +# ╚═════╝ ╚══════╝ ╚═══╝ ╚═╝ ╚═════╝╚══════╝ +# +# ███╗ ███╗ █████╗ ███╗ ██╗ █████╗ ██████╗ ███████╗███╗ ███╗███████╗███╗ ██╗████████╗ +# ████╗ ████║██╔══██╗████╗ ██║██╔══██╗██╔════╝ ██╔════╝████╗ ████║██╔════╝████╗ ██║╚══██╔══╝ +# ██╔████╔██║███████║██╔██╗ ██║███████║██║ ███╗█████╗ ██╔████╔██║█████╗ ██╔██╗ ██║ ██║ +# ██║╚██╔╝██║██╔══██║██║╚██╗██║██╔══██║██║ ██║██╔══╝ ██║╚██╔╝██║██╔══╝ ██║╚██╗██║ ██║ +# ██║ ╚═╝ ██║██║ ██║██║ ╚████║██║ ██║╚██████╔╝███████╗██║ ╚═╝ ██║███████╗██║ ╚████║ ██║ +# ╚═╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚═══╝╚═╝ ╚═╝ ╚═════╝ ╚══════╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═══╝ ╚═╝ +# +# +# ╔═╗╦═╗╔═╗╔═╗╔═╗ ╔═╗╦ ╔═╗╔╦╗╔═╗╔═╗╦═╗╔╦╗ ╔╦╗╔╦╗╔╦╗ ╔═╗╦ ╦╔═╗╔═╗╔═╗╦═╗╔╦╗ +# ║ ╠╦╝║ ║╚═╗╚═╗───╠═╝║ ╠═╣ ║ ╠╣ ║ ║╠╦╝║║║ ║║║ ║║║║║ ╚═╗║ ║╠═╝╠═╝║ ║╠╦╝ ║ +# ╚═╝╩╚═╚═╝╚═╝╚═╝ ╩ ╩═╝╩ ╩ ╩ ╚ ╚═╝╩╚═╩ ╩ ╩ ╩═╩╝╩ ╩ ╚═╝╚═╝╩ ╩ ╚═╝╩╚═ ╩ +- industryName: Cross-platform MDM support + description: macOS, Windows, and Linux. + documentationUrl: https://fleetdm.com/announcements/fleet-introduces-windows-mdm + tier: Premium + jamfProHasFeature: appleOnly + jamfProtectHasFeature: no + usualDepartment: IT + productCategories: [Device management] + pricingTableCategories: [Device management] +# +# ╔╦╗╔╦╗╔╦╗ ╔╦╗╦╔═╗╦═╗╔═╗╔╦╗╦╔═╗╔╗╔ +# ║║║ ║║║║║ ║║║║║ ╦╠╦╝╠═╣ ║ ║║ ║║║║ +# ╩ ╩═╩╝╩ ╩ ╩ ╩╩╚═╝╩╚═╩ ╩ ╩ ╩╚═╝╝╚╝ +- industryName: MDM migration # « end-user initiated MDM migration, with interactive UI + description: Easily move your devices from your current MDM solution to Fleet. + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: no + documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-migration-guide + usualDepartment: IT + productCategories: [Device management] + pricingTableCategories: [Device management] +# +# ╔═╗╔═╗╦═╗╔═╗ ╔╦╗╔═╗╦ ╦╔═╗╦ ╦ ╔═╗╔═╗╔╦╗╦ ╦╔═╗ +# ╔═╝║╣ ╠╦╝║ ║───║ ║ ║║ ║║ ╠═╣ ╚═╗║╣ ║ ║ ║╠═╝ +# ╚═╝╚═╝╩╚═╚═╝ ╩ ╚═╝╚═╝╚═╝╩ ╩ ╚═╝╚═╝ ╩ ╚═╝╩ +- industryName: Zero-touch setup + description: Zero-touch setup for macOS, iOS/iPadOS (coming soon), and Windows. + documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-macos-setup-experience + tier: Premium + jamfProHasFeature: appleOnly + jamfProtectHasFeature: no + usualDepartment: IT + productCategories: [Device management] + pricingTableCategories: [Device management] + waysToUse: + - description: Zero-touch for iOS/iPadOS is coming soon (2024-07-15). + - description: Ship a macOS workstation to the end user's home and have them automatically enroll to Fleet during out-of-the-box setup. + - description: Ship a Windows workstation to the end user's home and have them automatically enroll to Fleet during out-of-the-box setup. + - description: Customize the out-of-the-box setup experience for your end users. + - description: Install a bootstrap package to run custom scripts during the setup experience. Store the bootstrap package outside the Fleet database coming soon (2024-09-15) #customer-faltona + moreInfoUrl: https://github.com/fleetdm/fleet/issues/19037 + - description: Require end users to authenticate with your identity provider (IdP) and agree to an end user license agreement (EULA) before they can use their new workstation +# +# ╦ ╦╔═╗╔═╗╦═╗ ╔═╗╔═╗╔═╗╔═╗╦ ╦╔╗╔╔╦╗ ╔═╗╦ ╦╔╗╔╔═╗ +# ║ ║╚═╗║╣ ╠╦╝ ╠═╣║ ║ ║ ║║ ║║║║ ║ ╚═╗╚╦╝║║║║ +# ╚═╝╚═╝╚═╝╩╚═ ╩ ╩╚═╝╚═╝╚═╝╚═╝╝╚╝ ╩ ╚═╝ ╩ ╝╚╝╚═╝ +- industryName: User account sync + description: Sync user accounts via Okta, AD, or any IDP. + documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-macos-setup-experience + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Device management] + usualDepartment: IT + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: yes + waysToUse: + - description: Automatically set admin access to Fleet based on your IDP +# +# ╔╗ ╦ ╦╔═╗╔╦╗ ╔═╗╔╗╔╦═╗╔═╗╦ ╦ ╔╦╗╔═╗╔╗╔╔╦╗ +# ╠╩╗╚╦╝║ ║ ║║ ║╣ ║║║╠╦╝║ ║║ ║ ║║║║╣ ║║║ ║ +# ╚═╝ ╩ ╚═╝═╩╝ ╚═╝╝╚╝╩╚═╚═╝╩═╝╩═╝╩ ╩╚═╝╝╚╝ ╩ +- industryName: BYOD enrollment + description: BYOD enrollment for macOS, iOS/iPadOS (coming soon), Windows, and Android (coming soon) devices. + documentationUrl: https://fleetdm.com/guides/sysadmin-diaries-device-enrollment#byod-enrollment + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: no + usualDepartment: IT + productCategories: [Device management] + pricingTableCategories: [Device management] + waysToUse: + - description: Support ACME as a protocol for MDM certificate generation. Coming soon (2024-12-31) #customer-rosner + moreInfoUrl: https://github.com/fleetdm/fleet/issues/15611 +# +# ╔╦╗╔═╗╦ ╦╦╔═╗╔═╗ ╦╔╗╔╦ ╦╔═╗╔╗╔╔╦╗╔═╗╦═╗╦ ╦ +# ║║║╣ ╚╗╔╝║║ ║╣ ║║║║╚╗╔╝║╣ ║║║ ║ ║ ║╠╦╝╚╦╝ +# ═╩╝╚═╝ ╚╝ ╩╚═╝╚═╝ ╩╝╚╝ ╚╝ ╚═╝╝╚╝ ╩ ╚═╝╩╚═ ╩ +- industryName: Device inventory + description: The device inventory allows admins to view device data. + documentationUrl: https://fleetdm.com/docs/using-fleet/understanding-host-vitals + moreInfoUrl: https://github.com/fleetdm/fleet/issues/14415 + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes + usualDepartment: IT + productCategories: [Endpoint operations,Device management] + pricingTableCategories: [Device management] +# +# ╔═╗╔╗╔╔═╗╔═╗╦═╗╔═╗╔═╗ ╔╦╗╦╔═╗╦╔═ ╔═╗╔╗╔╔═╗╦═╗╦ ╦╔═╗╔╦╗╦╔═╗╔╗╔ +# ║╣ ║║║╠╣ ║ ║╠╦╝║ ║╣ ║║║╚═╗╠╩╗ ║╣ ║║║║ ╠╦╝╚╦╝╠═╝ ║ ║║ ║║║║ +# ╚═╝╝╚╝╚ ╚═╝╩╚═╚═╝╚═╝ ═╩╝╩╚═╝╩ ╩ ╚═╝╝╚╝╚═╝╩╚═ ╩ ╩ ╩ ╩╚═╝╝╚╝ +- industryName: Enforce disk encryption + description: Encrypt system drives on macOS and Windows computers, manage escrowed encryption keys, and report on disk encryption status (FileVault, BitLocker). + documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-disk-encryption + friendlyName: Ensure hard disks are encrypted + productCategories: [Device management] + pricingTableCategories: [Device management] + usualDepartment: Security + tier: Premium + jamfProHasFeature: appleOnly + jamfProtectHasFeature: no + waysToUse: + - description: Report on disk encryption status + - description: Encrypt hard disks on macOS with FileVault + - description: Escrow FileVault keys on macOS + - description: Encrypt hard disks on Windows with BitLocker. +# +# ╔═╗╔╗╔╔═╗╔═╗╦═╗╔═╗╔═╗ ╔═╗╔═╗╔═╗╦═╗╔═╗╔╦╗╦╔╗╔╔═╗ ╔═╗╦ ╦╔═╗╔╦╗╔═╗╔╦╗ ╦ ╦╔═╗╔╦╗╔═╗╔╦╗╔═╗╔═╗ +# ║╣ ║║║╠╣ ║ ║╠╦╝║ ║╣ ║ ║╠═╝║╣ ╠╦╝╠═╣ ║ ║║║║║ ╦ ╚═╗╚╦╝╚═╗ ║ ║╣ ║║║ ║ ║╠═╝ ║║╠═╣ ║ ║╣ ╚═╗ +# ╚═╝╝╚╝╚ ╚═╝╩╚═╚═╝╚═╝ ╚═╝╩ ╚═╝╩╚═╩ ╩ ╩ ╩╝╚╝╚═╝ ╚═╝ ╩ ╚═╝ ╩ ╚═╝╩ ╩ ╚═╝╩ ═╩╝╩ ╩ ╩ ╚═╝╚═╝ +- industryName: Enforce operating system (OS) updates + description: Keep operating systems up to date for macOS, iOS/iPadOS, Windows, and Android (coming soon) devices. + documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-macos-updates + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: no + usualDepartment: IT + productCategories: [Device management,Vulnerability management] + pricingTableCategories: [Device management] + waysToUse: + - description: Enforce macOS updates via Nudge. + - description: Progressively enhance from Nudge to DDM-based OS updates. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/17295 + - description: Automatically update Windows after the end user reaches a deadline. +# +# ╔═╗╔╗╔╔═╗╔═╗╦═╗╔═╗╔═╗ ╔═╗╔═╗ ╔═╗╔═╗╔╦╗╔╦╗╦╔╗╔╔═╗╔═╗ +# ║╣ ║║║╠╣ ║ ║╠╦╝║ ║╣ ║ ║╚═╗ ╚═╗║╣ ║ ║ ║║║║║ ╦╚═╗ +# ╚═╝╝╚╝╚ ╚═╝╩╚═╚═╝╚═╝ ╚═╝╚═╝ ╚═╝╚═╝ ╩ ╩ ╩╝╚╝╚═╝╚═╝ +- industryName: Enforce OS settings + description: MDM support for macOS, iOS/iPadOS, Windows, and Android (coming soon) devices. Management support for Linux. + documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-custom-os-settings + usualDepartment: IT + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: no + waysToUse: + - description: Deploy configuration profiles on macOS and Windows and verify that they're installed. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/13281 + - description: Deploy custom declaration (DDM) profiles on macOS. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/14550 + - description: Target profiles to specific hosts using SQL. Exclusions coming soon (2024-07-15) #customer-rosner + moreInfoUrl: https://github.com/fleetdm/fleet/issues/17315 + - description: Automatically re-deploy configuration profiles when they're not installed. + - description: Deploy configuration profiles on iOS/iPadOS. Coming soon (2024-07-15). + - description: See a list of the upcoming MDM commands and scripts in unified queue. Coming soon (2024-07-15) + moreInfoUrl: https://github.com/fleetdm/fleet/issues/15920 + - description: MDM commands for iOS/iPadOS are coming soon (2024-07-15). + - description: Send MDM commands to tell end users to update their OS. + moreInfoUrl: https://developer.apple.com/documentation/devicemanagement/schedule_an_os_update + productCategories: [Device management] + pricingTableCategories: [Device management] +# +# ╔═╗╔═╗╦═╗╦╔═╗╔╦╗ ╔═╗═╗ ╦╔═╗╔═╗╦ ╦╔╦╗╦╔═╗╔╗╔ +# ╚═╗║ ╠╦╝║╠═╝ ║ ║╣ ╔╩╦╝║╣ ║ ║ ║ ║ ║║ ║║║║ +# ╚═╝╚═╝╩╚═╩╩ ╩ ╚═╝╩ ╚═╚═╝╚═╝╚═╝ ╩ ╩╚═╝╝╚╝ +- industryName: Script execution + friendlyName: Safely execute custom scripts (macOS, Windows, and Linux) + description: Deploy and execute custom scripts using a REST API, and manage your library of scripts in the UI or a git repo. + documentationUrl: https://fleetdm.com/docs/using-fleet/scripts + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: no + dri: mikermcneil + usualDepartment: IT + productCategories: [Endpoint operations,Device management] + pricingTableCategories: [Device management] + demos: + - description: A large tech company used scripts to fix issues with their security and compliance agents on workstations. + buzzwords: [Remote script execution,PowerShell scripts,Bash scripts] + waysToUse: + - description: Execute custom macOS scripts (client platform engineering) + moreInfoUrl: https://www.hexnode.com/blogs/executing-custom-mac-scripts-via-mdm/ + - description: Execute custom Windows scripts (client platform engineering) + moreInfoUrl: https://www.hexnode.com/blogs/executing-custom-windows-scripts-via-mdm/ + - description: Use PowerShell scripts on Windows devices + moreInfoUrl: https://learn.microsoft.com/en-us/mem/intune/apps/intune-management-extension + - description: Run PowerShell scripts for remediations (security engineering) + moreInfoUrl: https://learn.microsoft.com/en-us/mem/intune/fundamentals/powershell-scripts-remediation + - description: Download and run remediation scripts + moreInfoUrl: https://help.zscaler.com/deception/downloading-and-running-remediation-script + - description: Deploy custom scripts + moreInfoUrl: https://scalefusion.com/custom-scripting + - description: Run scripts on online/offline hosts + moreInfoUrl: https://github.com/fleetdm/fleet/issues/15529 + - description: Only maintainers and admins can run scripts. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/19055 +# +# ╔═╗╔═╗╔═╗╦ ╦╔═╗╔═╗╔╦╗╦╔═╗╔╗╔ ╔╦╗╔═╗╔═╗╦ ╔═╗╦ ╦╔╦╗╔═╗╔╗╔╔╦╗ +# ╠═╣╠═╝╠═╝║ ║║ ╠═╣ ║ ║║ ║║║║ ║║║╣ ╠═╝║ ║ ║╚╦╝║║║║╣ ║║║ ║ +# ╩ ╩╩ ╩ ╩═╝╩╚═╝╩ ╩ ╩ ╩╚═╝╝╚╝ ═╩╝╚═╝╩ ╩═╝╚═╝ ╩ ╩ ╩╚═╝╝╚╝ ╩ +- industryName: Application deployment + description: Deploy applications and security agents on macOS, iOS/iPadOS, Linux, Windows, and Android (coming soon) devices. Additionally, install macOS and iOS/iPadOS apps from the App Store (coming soon). + tier: Premium + jamfProHasFeature: appleOnly + jamfProtectHasFeature: no + usualDepartment: IT + productCategories: [Device management] + pricingTableCategories: [Device management] + moreInfoUrl: https://github.com/fleetdm/fleet/issues/18867 + waysToUse: + - description: Easily configure and install SentinelOne, Crowdstrike, and other security tools. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/14921 + - description: Offer licenses for Photoshop and other App Sore apps for your end users. + - description: macOS coming soon (2024-07-15). #customer-rosner + moreInfoUrl: https://github.com/fleetdm/fleet/issues/18867 + - description: iOS/iPadOS coming soon (2024-08-11). + moreInfoUrl: https://github.com/fleetdm/fleet/issues/14899 +# +# ╔═╗╔═╗╦ ╔═╗ ╔═╗╔═╗╦═╗╦ ╦╦╔═╗╔═╗ ╔═╗╔═╗╔═╗╦ ╦╔═╗╔═╗╔╦╗╦╔═╗╔╗╔ ╦╔╗╔╔═╗╔╦╗╔═╗╦ ╦ ╔═╗╔╦╗╦╔═╗╔╗╔ +# ╚═╗║╣ ║ ╠╣ ╚═╗║╣ ╠╦╝╚╗╔╝║║ ║╣ ╠═╣╠═╝╠═╝║ ║║ ╠═╣ ║ ║║ ║║║║ ║║║║╚═╗ ║ ╠═╣║ ║ ╠═╣ ║ ║║ ║║║║ +# ╚═╝╚═╝╩═╝╚ ╚═╝╚═╝╩╚═ ╚╝ ╩╚═╝╚═╝ ╩ ╩╩ ╩ ╩═╝╩╚═╝╩ ╩ ╩ ╩╚═╝╝╚╝ ╩╝╚╝╚═╝ ╩ ╩ ╩╩═╝╩═╝╩ ╩ ╩ ╩╚═╝╝╚╝ +- industryName: Self service application installation + description: Allow end users to install apps through Fleet Desktop for macOS, Linux, and Windows. + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: no + usualDepartment: IT + productCategories: [Device management] + pricingTableCategories: [Device management] + moreInfoUrl: https://github.com/fleetdm/fleet/issues/17587 +# +# ╔═╗╔═╗╔═╗╦ ╦╔═╗╔═╗╔╦╗╦╔═╗╔╗╔ ╔╦╗╔═╗╔╗╔╔═╗╔═╗╔═╗╔╦╗╔═╗╔╗╔╔╦╗ +# ╠═╣╠═╝╠═╝║ ║║ ╠═╣ ║ ║║ ║║║║ ║║║╠═╣║║║╠═╣║ ╦║╣ ║║║║╣ ║║║ ║ +# ╩ ╩╩ ╩ ╩═╝╩╚═╝╩ ╩ ╩ ╩╚═╝╝╚╝ ╩ ╩╩ ╩╝╚╝╩ ╩╚═╝╚═╝╩ ╩╚═╝╝╚╝ ╩ +- industryName: Application management + description: Manage updates and patches for apps on macOS, Windows, and Linux computers. + tier: Premium + jamfProHasFeature: appleOnly + jamfProtectHasFeature: no + comingSoonOn: 2024-07-15 + usualDepartment: IT + productCategories: [Device management] + pricingTableCategories: [Device management] + moreInfoUrl: https://github.com/fleetdm/fleet/issues/18865 +# +# ╔╦╗╔═╗╦ ╦╦╔═╗╔═╗ ╦═╗╔═╗╔╦╗╔═╗╔╦╗╦╔═╗╔╦╗╦╔═╗╔╗╔ +# ║║║╣ ╚╗╔╝║║ ║╣ ╠╦╝║╣ ║║║║╣ ║║║╠═╣ ║ ║║ ║║║║ +# ═╩╝╚═╝ ╚╝ ╩╚═╝╚═╝ ╩╚═╚═╝╩ ╩╚═╝═╩╝╩╩ ╩ ╩ ╩╚═╝╝╚╝ +- industryName: Device remediation + description: Use Fleet Policies to detect the device state. Automate remediations for issues or allow users to remediate problems in self-service. + documentationUrl: https://fleetdm.com/securing/end-user-self-remediation # « NOTE: This link will change when auto-remediation is delivered. + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: no + usualDepartment: IT + productCategories: [Device management, Vulnerability management] + pricingTableCategories: [Device management] + waysToUse: + - description: Send software vulnerability emails to end users to encourage self-remediation. +# +# ╔═╗╔═╗╔╗╔╔╦╗ ╦ ╔═╗╔═╗╦╔═ ╔═╗╔╗╔╔╦╗ ╦ ╦╦╔═╗╔═╗ ╔═╗╔═╗╔╦╗╔╦╗╔═╗╔╗╔╔╦╗╔═╗ +# ╚═╗║╣ ║║║ ║║ ║ ║ ║║ ╠╩╗ ╠═╣║║║ ║║ ║║║║╠═╝║╣ ║ ║ ║║║║║║║╠═╣║║║ ║║╚═╗ +# ╚═╝╚═╝╝╚╝═╩╝ ╩═╝╚═╝╚═╝╩ ╩ ╩ ╩╝╚╝═╩╝ ╚╩╝╩╩ ╚═╝ ╚═╝╚═╝╩ ╩╩ ╩╩ ╩╝╚╝═╩╝╚═╝ +- industryName: Send lock and wipe commands + description: Secure your devices with remote lock and wipe commands if lost or stolen. + documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-commands + waysToUse: + - description: High-level remote lock for macOS, Windows, and Linux. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/9949 + - description: High-level remote wipe for macOS, Windows, and Linux. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/9951 + tier: Premium + jamfProHasFeature: appleOnly + jamfProtectHasFeature: no + usualDepartment: IT + productCategories: [Device management] + pricingTableCategories: [Device management] +# +# ╔═╗╔═╗╔═╗╦ ╔═╗ ╔╦╗╔═╗╔═╗╦ ╔═╗╦═╗╔═╗╔╦╗╦╦ ╦╔═╗ ╔╦╗╔═╗╦ ╦╦╔═╗╔═╗ ╔╦╗╔═╗╔╗╔╔═╗╔═╗╔═╗╔╦╗╔═╗╔╗╔╔╦╗ +# ╠═╣╠═╝╠═╝║ ║╣ ║║║╣ ║ ║ ╠═╣╠╦╝╠═╣ ║ ║╚╗╔╝║╣ ║║║╣ ╚╗╔╝║║ ║╣ ║║║╠═╣║║║╠═╣║ ╦║╣ ║║║║╣ ║║║ ║ +# ╩ ╩╩ ╩ ╩═╝╚═╝ ═╩╝╚═╝╚═╝╩═╝╩ ╩╩╚═╩ ╩ ╩ ╩ ╚╝ ╚═╝ ═╩╝╚═╝ ╚╝ ╩╚═╝╚═╝ ╩ ╩╩ ╩╝╚╝╩ ╩╚═╝╚═╝╩ ╩╚═╝╝╚╝ ╩ +# ╔═╗╦ ╦╔═╗╔═╗╔═╗╦═╗╔╦╗ ╔═╗╔═╗╦═╗ ╔═╗╔═╗╔╗╔╔═╗╦╔═╗╦ ╦╦═╗╔═╗╔╦╗╦╔═╗╔╗╔ ╔═╗╦═╗╔═╗╔═╗╦╦ ╔═╗╔═╗ +# ╚═╗║ ║╠═╝╠═╝║ ║╠╦╝ ║ ╠╣ ║ ║╠╦╝ ║ ║ ║║║║╠╣ ║║ ╦║ ║╠╦╝╠═╣ ║ ║║ ║║║║ ╠═╝╠╦╝║ ║╠╣ ║║ ║╣ ╚═╗ +# ╚═╝╚═╝╩ ╩ ╚═╝╩╚═ ╩ ╚ ╚═╝╩╚═ ╚═╝╚═╝╝╚╝╚ ╩╚═╝╚═╝╩╚═╩ ╩ ╩ ╩╚═╝╝╚╝ ╩ ╩╚═╚═╝╚ ╩╩═╝╚═╝╚═╝ +- industryName: Apple Declarative Device Management (DDM) support for configuration profiles + description: Use the latest device management protocol on your Apple devices. + documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-os-updates#macos + tier: Premium + jamfProHasFeature: cloudOnly + jamfProtectHasFeature: cloudOnly + usualDepartment: IT + productCategories: [Device management] + pricingTableCategories: [Device management] +# +# ╔╦╗╔═╗╦═╗╔═╗╔═╗╔╦╗╔═╗╔╦╗ ╔╦╗╔═╗╦ ╦╦╔═╗╔═╗ ╔═╗╔═╗╔═╗╔═╗╦╔╗╔╔═╗ +# ║ ╠═╣╠╦╝║ ╦║╣ ║ ║╣ ║║ ║║║╣ ╚╗╔╝║║ ║╣ ╚═╗║ ║ ║╠═╝║║║║║ ╦ +# ╩ ╩ ╩╩╚═╚═╝╚═╝ ╩ ╚═╝═╩╝ ═╩╝╚═╝ ╚╝ ╩╚═╝╚═╝ ╚═╝╚═╝╚═╝╩ ╩╝╚╝╚═╝ +- industryName: Targeted device scoping + description: Organize devices with Teams and Labels. + documentationUrl: https://fleetdm.com/guides/managing-labels-in-fleet + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: yes + usualDepartment: IT + productCategories: [Device management] + pricingTableCategories: [Device management] +# +# ██╗ ██╗██╗ ██╗██╗ ███╗ ██╗███████╗██████╗ █████╗ ██████╗ ██╗██╗ ██╗████████╗██╗ ██╗ +# ██║ ██║██║ ██║██║ ████╗ ██║██╔════╝██╔══██╗██╔══██╗██╔══██╗██║██║ ██║╚══██╔══╝╚██╗ ██╔╝ +# ██║ ██║██║ ██║██║ ██╔██╗ ██║█████╗ ██████╔╝███████║██████╔╝██║██║ ██║ ██║ ╚████╔╝ +# ╚██╗ ██╔╝██║ ██║██║ ██║╚██╗██║██╔══╝ ██╔══██╗██╔══██║██╔══██╗██║██║ ██║ ██║ ╚██╔╝ +# ╚████╔╝ ╚██████╔╝███████╗██║ ╚████║███████╗██║ ██║██║ ██║██████╔╝██║███████╗██║ ██║ ██║ +# ╚═══╝ ╚═════╝ ╚══════╝╚═╝ ╚═══╝╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝╚═════╝ ╚═╝╚══════╝╚═╝ ╚═╝ ╚═╝ +# +# ███╗ ███╗ █████╗ ███╗ ██╗ █████╗ ██████╗ ███████╗███╗ ███╗███████╗███╗ ██╗████████╗ +# ████╗ ████║██╔══██╗████╗ ██║██╔══██╗██╔════╝ ██╔════╝████╗ ████║██╔════╝████╗ ██║╚══██╔══╝ +# ██╔████╔██║███████║██╔██╗ ██║███████║██║ ███╗█████╗ ██╔████╔██║█████╗ ██╔██╗ ██║ ██║ +# ██║╚██╔╝██║██╔══██║██║╚██╗██║██╔══██║██║ ██║██╔══╝ ██║╚██╔╝██║██╔══╝ ██║╚██╗██║ ██║ +# ██║ ╚═╝ ██║██║ ██║██║ ╚████║██║ ██║╚██████╔╝███████╗██║ ╚═╝ ██║███████╗██║ ╚████║ ██║ +# ╚═╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚═══╝╚═╝ ╚═╝ ╚═════╝ ╚══════╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═══╝ ╚═╝ +# +# +# ╔╦╗╔═╗╦ ╦ ╦╔═╗╦═╗╔═╗ ╔╦╗╔═╗╔╦╗╔═╗╔═╗╔╦╗╦╔═╗╔╗╔ ┌─╦ ╦╔═╗╦═╗╔═╗─┐ +# ║║║╠═╣║ ║║║╠═╣╠╦╝║╣ ║║║╣ ║ ║╣ ║ ║ ║║ ║║║║ │ ╚╦╝╠═╣╠╦╝╠═╣ │ +# ╩ ╩╩ ╩╩═╝╚╩╝╩ ╩╩╚═╚═╝ ═╩╝╚═╝ ╩ ╚═╝╚═╝ ╩ ╩╚═╝╝╚╝ └─ ╩ ╩ ╩╩╚═╩ ╩─┘ +- industryName: Malware detection (YARA/custom IoCs) # TODO: consider: technically more than YARA, consider generalizing this and including the concept of comparing known binary hashes and other IoCs (either via live query or in the data lake to compare threat intel feed) + friendlyName: Scan files for zero days and malware signatures + description: Use YARA signatures to report and trigger automations when zero days, malware, or unexpected files are detected on a host. + documentationUrl: https://fleetdm.com/tables/yara + tier: Free + jamfProHasFeature: no + jamfProtectHasFeature: yes + dri: mikermcneil + usualDepartment: Security + productCategories: [Endpoint operations,Vulnerability management] + pricingTableCategories: [Vulnerability management] + buzzwords: [YARA scanning,Cyber Threat Intelligence (CTI),Indicators of compromise (IOCs),Antivirus (AV),Endpoint protection platform (EPP),Endpoint detection and response (EDR),Malware detection,Signature-based malware detection,Malware scanning,Malware analysis,Anomaly detection] + demos: + - description: A top media company used Fleet policies with YARA rules to continuously scan host filesystems for malware signatures provided by internal and external threat intelligence teams. + moreInfoUrl: # short demo video + waysToUse: + - description: Detect suspicious bytecode in JAR files + - description: Identify suspicious patterns in binaries using YARA signatures # (≈regular expressions for binary) + - description: Continuously scan host filesystems for malware signatures. + moreInfoUrl: https://yara.readthedocs.io/en/stable/writingrules.html + - description: Monitor for relevent filesystem changes (YARA events) and on-demand YARA signature scans. + moreInfoUrl: https://osquery.readthedocs.io/en/stable/deployment/yara/ + - description: Use YARA for malware detection + moreInfoUrl: https://www.cisa.gov/sites/default/files/FactSheets/NCCIC%20ICS_FactSheet_YARA_S508C.pdf + - description: Scan for indicators of compromise (IoC) for common malware. + moreInfoUrl: https://github.com/Cisco-Talos/osquery_queries + - description: Analyze malware using data from osquery, such as endpoint certificates and launch daemons (launchd). + moreInfoUrl: https://medium.com/hackernoon/malware-analysis-using-osquery-part-3-9dc805b67d16 + - description: Detect persistent malware (e.g. WireLurker) in endpoints by generating simple policies that search for their static indicators of compromise (IoCs). + moreInfoUrl: https://osquery.readthedocs.io/en/stable/deployment/anomaly-detection/ + - description: Run a targeted YARA scan with osquery as a lightweight approach to scan anything on a host filesystem, with minimal performance impact. Unlike full system YARA scans which consume considerable CPU resources, an equivalent YARA scan targeted in Fleet can be 8x cheaper (CPU %). + moreInfoUrl: https://www.tripwire.com/state-of-security/signature-socket-based-malware-detection-osquery-yara +# +# ╔═╗╔═╗╔╗╔╔╦╗╦╔╗╔╦ ╦╔═╗╦ ╦╔═╗ ╔═╗╔═╗╔═╗╔╗╔╔╗╔╦╔╗╔╔═╗ +# ║ ║ ║║║║ ║ ║║║║║ ║║ ║║ ║╚═╗ ╚═╗║ ╠═╣║║║║║║║║║║║ ╦ +# ╚═╝╚═╝╝╚╝ ╩ ╩╝╚╝╚═╝╚═╝╚═╝╚═╝ ╚═╝╚═╝╩ ╩╝╚╝╝╚╝╩╝╚╝╚═╝ +- industryName: Continuous scanning + friendlyName: Detect vulnerable software + documentationUrl: https://fleetdm.com/vulnerability-management + productCategories: [Vulnerability management] + pricingTableCategories: [Vulnerability management] + usualDepartment: Security + tier: Free + jamfProHasFeature: no + jamfProtectHasFeature: yes + buzzwords: [Stakeholder-specific vulnerability categorization (SSVC),Continuous scanning,Continuous vulnerability scanning,Risk-based vulnerability management] + waysToUse: + - description: 'Use an SSVC decision tree model to prioritize relevant vulnerabilities into four possible decisions: "Track", "Track*", "Attend", and "Act".' + moreInfoUrl: https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc + - description: 'Balint Fazakas: I think what offers a better use of CVSS if you break it down to vectors. You may find that a DoS (High Availability Impact) not as relevant for you, or equally a vulnerability requiring user interaction has a very low likelihood of exploit in another scenario. If you want to fine tune your SSVC, it worth using the vectors you care about instead of the score itself. But ultimately you would want to read the description of the vulnerabilities to determine the risk they are posing to your environment. SSVC can assist you to do that in a more efficient way.' + moreInfoUrl: https://www.linkedin.com/feed/update/urn:li:activity:7162614115025215488?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A7162614115025215488%2C7162681703918985216%29&dashCommentUrn=urn%3Ali%3Afsd_comment%3A%287162681703918985216%2Curn%3Ali%3Aactivity%3A7162614115025215488%29 + - description: 'Melissa Bischoping: CVSS is never enough to contextualize the urgency or risk of a vulnerability in your environment. It is one metric that needs to be part of an overall risk calculus, but a CVSS of 6 can be a greater threat in your organization than a CVSS of 10 based on the environmental variables and mitigations. Only two 10.0s here, but several lower severity that are resulting in high-impact breaches. Getting a handle on managing that public facing infrastructure and being able to rapidly patch the apps and devices with such exposure needs to be part of an overall plan, but must go hand in hand with mitigations and layers of a zero trust design. CVSS isn’t the sole determination of risk, it’s only one partial piece of data to understand the impact of a vulnerability if exploited.' + moreInfoUrl: https://www.linkedin.com/feed/update/urn:li:activity:7162614115025215488?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A7162614115025215488%2C7162629486344159232%29&dashCommentUrn=urn%3Ali%3Afsd_comment%3A%287162629486344159232%2Curn%3Ali%3Aactivity%3A7162614115025215488%29 + demos: + - description: A top gaming company wanted to replace Qualys for infrastructure vulnerability detection. + quote: So we have some stuff today through Qualys, but it's just not very good. A lot of it is...it's just really noisy. I'm trying to find out specifically, actually what packages are installed where, and then the ability to live query them. + moreInfoUrl: https://docs.google.com/document/d/1JWtRsW1FUTCkZEESJj9-CvXjLXK4219by-C6vvVVyBY/edit + - description: One of the world's largest, top transportation companies uses Fleet's API to email relevant, actually-installed vulnerabilities to responsible teams so they can fix them. + moreInfoUrl: https://docs.google.com/document/d/1oeCmT077o_5nxzLhnxs7kcg_4Qn1Pn1F5zx10nQOAp8/edit +# +# ╦ ╦╦ ╦╦ ╔╗╔╔═╗╦═╗╔═╗╔╗ ╦╦ ╦╔╦╗╦ ╦ ╔╦╗╔═╗╔═╗╦ ╦╔╗ ╔═╗╔═╗╦═╗╔╦╗ +# ╚╗╔╝║ ║║ ║║║║╣ ╠╦╝╠═╣╠╩╗║║ ║ ║ ╚╦╝ ║║╠═╣╚═╗╠═╣╠╩╗║ ║╠═╣╠╦╝ ║║ +# ╚╝ ╚═╝╩═╝╝╚╝╚═╝╩╚═╩ ╩╚═╝╩╩═╝╩ ╩ ╩ ═╩╝╩ ╩╚═╝╩ ╩╚═╝╚═╝╩ ╩╩╚══╩╝ +- industryName: Vulnerability dashboard + friendlyName: Vulnerability dashboard + documentationUrl: https://fleetdm.com/vulnerability-management + productCategories: [Vulnerability management] + pricingTableCategories: [Vulnerability management] + usualDepartment: Security + tier: Premium + jamfProHasFeature: no + jamfProtectHasFeature: yes + demos: + - description: See a list of all vulnerabilities across your hosts. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/15919 + - description: AI generated CVSS v4 context. Coming soon (2024-12-31). + waysToUse: + - description: Easily communicate to executives regarding the progress of patching vulnerable software. Only show vulnerabilities that you care about. +# +# ╦ ╦╦ ╦╦ ╔╗╔╔═╗╦═╗╔═╗╔╗ ╦╦ ╦╔╦╗╦ ╦ ╔═╗╔═╗╔═╗╦═╗╔═╗╔═╗ ╔═╗╔═╗╔═╗╔═╗ ╔═╗╔╗╔╔╦╗ ╔═╗╦ ╦╔═╗╔═╗ +# ╚╗╔╝║ ║║ ║║║║╣ ╠╦╝╠═╣╠╩╗║║ ║ ║ ╚╦╝ ╚═╗║ ║ ║╠╦╝║╣ ╚═╗ ─── ║╣ ╠═╝╚═╗╚═╗ ╠═╣║║║ ║║ ║ ╚╗╔╝╚═╗╚═╗ +# ╚╝ ╚═╝╩═╝╝╚╝╚═╝╩╚═╩ ╩╚═╝╩╩═╝╩ ╩ ╩ ╚═╝╚═╝╚═╝╩╚═╚═╝╚═╝ ╚═╝╩ ╚═╝╚═╝ ╩ ╩╝╚╝═╩╝ ╚═╝ ╚╝ ╚═╝╚═╝ +- industryName: Vulnerability scores (EPSS and CVSS) + documentationUrl: https://fleetdm.com/vulnerability-management + tier: Premium + jamfProHasFeature: no + jamfProtectHasFeature: yes + usualDepartment: Security + productCategories: [Vulnerability management] + pricingTableCategories: [Vulnerability management] + buzzwords: [Risk scores,Cyber risk,Risk reduction,Security operations effectiveness,Peer benchmarking,Security program effectiveness,Risk-based exposure scoring,Threat context,Cyber exposure,Exposure quantification and benchmarking,Optimize security investments,Vulnerability assessment] + demos: + - description: Fleet enables a more modern, threat-first prioritization approach to vulnerability management. + quote: In reality, across our inventory of devices, it's unlikely to ever be exploited. I'd rather do that legwork on my team and then go and ask and prioritize work on these infrastructure teams that are already busy with things that could or could not be vulnerable. Being able to be more exact allows us to go to these teams less, which saves everybody time. + moreInfoUrl: https://www.youtube.com/watch?v=G5Ry_vQPaYc&t=131s + waysToUse: + - description: By leveraging EPSS (Exploit Prediction Scoring System), security professionals gain insight on the true risk behind rated CVEs. + - description: An Introduction to EPSS, The Exploit Prediction Scoring System + - moreInfoUrl: https://www.youtube.com/watch?v=vw1RlZCSRcQ + - description: By extracting metadata from the National Vulnerability Database (NVD) and Microsoft Security Response Center (MSRC), we can determine which version of software is no longer vulnerable. +# +# ╔═╗╦╔═╗╔═╗ ╦╔═╔═╗╦ ╦╔═╗ +# ║ ║╚═╗╠═╣ ╠╩╗║╣ ╚╗╔╝╚═╗ +# ╚═╝╩╚═╝╩ ╩ ╩ ╩╚═╝ ╚╝ ╚═╝ +- industryName: CISA KEVs (known exploited vulnerabilities) + documentationUrl: https://fleetdm.com/vulnerability-management + tier: Premium + jamfProHasFeature: no + jamfProtectHasFeature: yes + usualDepartment: Security + productCategories: [Vulnerability management] + pricingTableCategories: [Vulnerability management] + demos: + - description: + moreInfoUrl: + waysToUse: + - description: Help teams work on vulnerabilities that have actually been exploited (CISA KEVs) or have a high probability of being exploited (EPSS), or whatever is important in your environment. + - description: Use CISA KEVs for vulnerability management + - moreInfoUrl: https://www.youtube.com/watch?v=Z3mw2oxssYk +# +# ╔═╗╔═╗╔═╗╔═╗╔╦╗ ╔╦╗╦╔═╗╔═╗╔═╗╦ ╦╔═╗╦═╗╦ ╦ +# ╠═╣╚═╗╚═╗║╣ ║ ║║║╚═╗║ ║ ║╚╗╔╝║╣ ╠╦╝╚╦╝ +# ╩ ╩╚═╝╚═╝╚═╝ ╩ ═╩╝╩╚═╝╚═╝╚═╝ ╚╝ ╚═╝╩╚═ ╩ +- industryName: Asset discovery + documentationUrl: + tier: Premium + comingSoonOn: 2024-06-30 + usualDepartment: Security + productCategories: [Vulnerability management] + pricingTableCategories: [Vulnerability management] +# +# ███████╗███╗ ██╗██████╗ ██████╗ ██████╗ ██╗███╗ ██╗████████╗ +# ██╔════╝████╗ ██║██╔══██╗██╔══██╗██╔═══██╗██║████╗ ██║╚══██╔══╝ +# █████╗ ██╔██╗ ██║██║ ██║██████╔╝██║ ██║██║██╔██╗ ██║ ██║ +# ██╔══╝ ██║╚██╗██║██║ ██║██╔═══╝ ██║ ██║██║██║╚██╗██║ ██║ +# ███████╗██║ ╚████║██████╔╝██║ ╚██████╔╝██║██║ ╚████║ ██║ +# ╚══════╝╚═╝ ╚═══╝╚═════╝ ╚═╝ ╚═════╝ ╚═╝╚═╝ ╚═══╝ ╚═╝ +# +# ██████╗ ██████╗ ███████╗██████╗ █████╗ ████████╗██╗ ██████╗ ███╗ ██╗███████╗ +# ██╔═══██╗██╔══██╗██╔════╝██╔══██╗██╔══██╗╚══██╔══╝██║██╔═══██╗████╗ ██║██╔════╝ +# ██║ ██║██████╔╝█████╗ ██████╔╝███████║ ██║ ██║██║ ██║██╔██╗ ██║███████╗ +# ██║ ██║██╔═══╝ ██╔══╝ ██╔══██╗██╔══██║ ██║ ██║██║ ██║██║╚██╗██║╚════██║ +# ╚██████╔╝██║ ███████╗██║ ██║██║ ██║ ██║ ██║╚██████╔╝██║ ╚████║███████║ +# ╚═════╝ ╚═╝ ╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═══╝╚══════╝ +# # # ╔╦╗╔═╗╦ ╦╦╔═╗╔═╗ ╦ ╦╔═╗╔═╗╦ ╔╦╗╦ ╦ # ║║║╣ ╚╗╔╝║║ ║╣ ╠═╣║╣ ╠═╣║ ║ ╠═╣ @@ -34,58 +527,6 @@ moreInfoUrl: https://cloud.google.com/beyondcorp - description: Get endpoint data into ServiceNow and make your asset management teams happy moreInfoUrl: https://www.youtube.com/watch?v=aVbU6_9JoM0 -- industryName: Maintenance windows - friendlyName: Fleet in your calendar - description: Create a calendar event to auto-remediate failing policies when your end users are free. - documentationUrl: https://github.com/fleetdm/fleet/issues/17230 - tier: Premium - jamfProHasFeature: no - jamfProtectHasFeature: no - productCategories: [Endpoint operations] - pricingTableCategories: [Endpoint operations] -- industryName: AI-generated descriptions - description: Use AI to explain why your security policies matter. - documentationUrl: https://github.com/fleetdm/fleet/issues/18187 - tier: Free - jamfProHasFeature: no - jamfProtectHasFeature: no - productCategories: [Endpoint operations] - pricingTableCategories: [Endpoint operations] -# -# ╔═╗╔═╗╦═╗╦╔═╗╔╦╗ ╔═╗═╗ ╦╔═╗╔═╗╦ ╦╔╦╗╦╔═╗╔╗╔ -# ╚═╗║ ╠╦╝║╠═╝ ║ ║╣ ╔╩╦╝║╣ ║ ║ ║ ║ ║║ ║║║║ -# ╚═╝╚═╝╩╚═╩╩ ╩ ╚═╝╩ ╚═╚═╝╚═╝╚═╝ ╩ ╩╚═╝╝╚╝ -- industryName: Script execution - friendlyName: Safely execute custom scripts (macOS, Windows, and Linux) - description: Deploy and execute custom scripts using a REST API, and manage your library of scripts in the UI or a git repo. - documentationUrl: https://fleetdm.com/docs/using-fleet/scripts - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: no - dri: mikermcneil - usualDepartment: IT - productCategories: [Endpoint operations,Device management] - pricingTableCategories: [Device management] - demos: - - description: A large tech company used scripts to fix issues with their security and compliance agents on workstations. - buzzwords: [Remote script execution,PowerShell scripts,Bash scripts] - waysToUse: - - description: Execute custom macOS scripts (client platform engineering) - moreInfoUrl: https://www.hexnode.com/blogs/executing-custom-mac-scripts-via-mdm/ - - description: Execute custom Windows scripts (client platform engineering) - moreInfoUrl: https://www.hexnode.com/blogs/executing-custom-windows-scripts-via-mdm/ - - description: Use PowerShell scripts on Windows devices - moreInfoUrl: https://learn.microsoft.com/en-us/mem/intune/apps/intune-management-extension - - description: Run PowerShell scripts for remediations (security engineering) - moreInfoUrl: https://learn.microsoft.com/en-us/mem/intune/fundamentals/powershell-scripts-remediation - - description: Download and run remediation scripts - moreInfoUrl: https://help.zscaler.com/deception/downloading-and-running-remediation-script - - description: Deploy custom scripts - moreInfoUrl: https://scalefusion.com/custom-scripting - - description: Run scripts on online/offline hosts - moreInfoUrl: https://github.com/fleetdm/fleet/issues/15529 - - description: Only maintainers and admins can run scripts. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/19055 # # ╔═╗╦ ╦╔╦╗╔═╗╔╦╗╔═╗╔╦╗╦╔═╗ ╔═╗╔═╗╔═╗╔╦╗╦ ╦╦═╗╔═╗ ╔═╗╔═╗╔═╗╔═╗╔═╗╔═╗╔╦╗╔═╗╔╗╔╔╦╗ # ╠═╣║ ║ ║ ║ ║║║║╠═╣ ║ ║║ ╠═╝║ ║╚═╗ ║ ║ ║╠╦╝║╣ ╠═╣╚═╗╚═╗║╣ ╚═╗╚═╗║║║║╣ ║║║ ║ @@ -167,6 +608,10 @@ moreInfoUrl: https://docs.google.com/document/d/1qFYtMoKh3zyERLhbErJOEOo2me6Bc7KOOkjKn482Sqc/edit - description: See what servers someone is logged-in on moreInfoUrl: https://community.spiceworks.com/topic/138171-is-there-a-way-to-see-what-servers-someone-is-logged-in-on +# +# ╦╔╗╔╔╦╗╦═╗╦ ╦╔═╗╔╦╗╦╔═╗╔╗╔ ╔╦╗╔═╗╔╦╗╔═╗╔═╗╔╦╗╦╔═╗╔╗╔ +# ║║║║ ║ ╠╦╝║ ║╚═╗ ║ ║║ ║║║║ ║║║╣ ║ ║╣ ║ ║ ║║ ║║║║ +# ╩╝╚╝ ╩ ╩╚═╚═╝╚═╝ ╩ ╩╚═╝╝╚╝ ═╩╝╚═╝ ╩ ╚═╝╚═╝ ╩ ╩╚═╝╝╚╝ - industryName: Intrusion detection friendlyName: Build custom query and policy automations to detect suspicious behavior description: Send webhooks and ship logs to detect intrusions and issues with devices. @@ -191,6 +636,18 @@ - description: Gather data and log events from endpoints moreInfoUrl: https://techbeacon.com/security/how-osquery-can-lift-your-security-teams-game#:~:text=%22If%20security%20teams%20didn%27t%20have%20osquery%2C%20they%20would%20have%20to%20find%20a%20way%20to%20manually%20go%20into%20each%20endpoint%20and%20gather%20data%2C%20or%20buy%20a%20third%2Dparty%20tool%20to%20do%20that%20for%20them # +# ╔═╗╦ ╔═╗╔═╗╔╗╔╔═╗╦═╗╔═╗╔╦╗╔═╗╔╦╗ ╔╦╗╔═╗╔═╗╔═╗╦═╗╦╔═╗╔╦╗╦╔═╗╔╗╔╔═╗ +# ╠═╣║───║ ╦║╣ ║║║║╣ ╠╦╝╠═╣ ║ ║╣ ║║ ║║║╣ ╚═╗║ ╠╦╝║╠═╝ ║ ║║ ║║║║╚═╗ +# ╩ ╩╩ ╚═╝╚═╝╝╚╝╚═╝╩╚═╩ ╩ ╩ ╚═╝═╩╝ ═╩╝╚═╝╚═╝╚═╝╩╚═╩╩ ╩ ╩╚═╝╝╚╝╚═╝ +- industryName: AI-generated descriptions + description: Use AI to explain why your security policies matter. + documentationUrl: https://github.com/fleetdm/fleet/issues/18187 + tier: Free + jamfProHasFeature: no + jamfProtectHasFeature: no + productCategories: [Endpoint operations] + pricingTableCategories: [Endpoint operations] +# # ╔═╗╦╔╦╗ # ╠╣ ║║║║ # ╚ ╩╩ ╩ @@ -221,41 +678,23 @@ moreInfoUrl: https://www.beyondtrust.com/resources/glossary/file-integrity-monitoring - description: Meet compliance mandates moreInfoUrl: https://www.beyondtrust.com/resources/glossary/file-integrity-monitoring -# ╔╦╗╔═╗╦ ╦ ╦╔═╗╦═╗╔═╗ ╔╦╗╔═╗╔╦╗╔═╗╔═╗╔╦╗╦╔═╗╔╗╔ ┌─╦ ╦╔═╗╦═╗╔═╗─┐ -# ║║║╠═╣║ ║║║╠═╣╠╦╝║╣ ║║║╣ ║ ║╣ ║ ║ ║║ ║║║║ │ ╚╦╝╠═╣╠╦╝╠═╣ │ -# ╩ ╩╩ ╩╩═╝╚╩╝╩ ╩╩╚═╚═╝ ═╩╝╚═╝ ╩ ╚═╝╚═╝ ╩ ╩╚═╝╝╚╝ └─ ╩ ╩ ╩╩╚═╩ ╩─┘ -- industryName: Malware detection (YARA/custom IoCs) # TODO: consider: technically more than YARA, consider generalizing this and including the concept of comparing known binary hashes and other IoCs (either via live query or in the data lake to compare threat intel feed) - friendlyName: Scan files for zero days and malware signatures - description: Use YARA signatures to report and trigger automations when zero days, malware, or unexpected files are detected on a host. - documentationUrl: https://fleetdm.com/tables/yara - tier: Free +# +# ╔╦╗╔═╗╦╔╗╔╔╦╗╔═╗╔╗╔╔═╗╔╗╔╔═╗╔═╗ ╦ ╦╦╔╗╔╔╦╗╔═╗╦ ╦╔═╗ +# ║║║╠═╣║║║║ ║ ║╣ ║║║╠═╣║║║║ ║╣ ║║║║║║║ ║║║ ║║║║╚═╗ +# ╩ ╩╩ ╩╩╝╚╝ ╩ ╚═╝╝╚╝╩ ╩╝╚╝╚═╝╚═╝ ╚╩╝╩╝╚╝═╩╝╚═╝╚╩╝╚═╝ +- industryName: Maintenance windows + friendlyName: Fleet in your calendar + description: Create a calendar event to auto-remediate failing policies when your end users are free. + documentationUrl: https://github.com/fleetdm/fleet/issues/17230 + tier: Premium jamfProHasFeature: no - jamfProtectHasFeature: yes - dri: mikermcneil - usualDepartment: Security - productCategories: [Endpoint operations,Vulnerability management] - pricingTableCategories: [Vulnerability management] - buzzwords: [YARA scanning,Cyber Threat Intelligence (CTI),Indicators of compromise (IOCs),Antivirus (AV),Endpoint protection platform (EPP),Endpoint detection and response (EDR),Malware detection,Signature-based malware detection,Malware scanning,Malware analysis,Anomaly detection] - demos: - - description: A top media company used Fleet policies with YARA rules to continuously scan host filesystems for malware signatures provided by internal and external threat intelligence teams. - moreInfoUrl: # short demo video - waysToUse: - - description: Detect suspicious bytecode in JAR files - - description: Identify suspicious patterns in binaries using YARA signatures # (≈regular expressions for binary) - - description: Continuously scan host filesystems for malware signatures. - moreInfoUrl: https://yara.readthedocs.io/en/stable/writingrules.html - - description: Monitor for relevent filesystem changes (YARA events) and on-demand YARA signature scans. - moreInfoUrl: https://osquery.readthedocs.io/en/stable/deployment/yara/ - - description: Use YARA for malware detection - moreInfoUrl: https://www.cisa.gov/sites/default/files/FactSheets/NCCIC%20ICS_FactSheet_YARA_S508C.pdf - - description: Scan for indicators of compromise (IoC) for common malware. - moreInfoUrl: https://github.com/Cisco-Talos/osquery_queries - - description: Analyze malware using data from osquery, such as endpoint certificates and launch daemons (launchd). - moreInfoUrl: https://medium.com/hackernoon/malware-analysis-using-osquery-part-3-9dc805b67d16 - - description: Detect persistent malware (e.g. WireLurker) in endpoints by generating simple policies that search for their static indicators of compromise (IoCs). - moreInfoUrl: https://osquery.readthedocs.io/en/stable/deployment/anomaly-detection/ - - description: Run a targeted YARA scan with osquery as a lightweight approach to scan anything on a host filesystem, with minimal performance impact. Unlike full system YARA scans which consume considerable CPU resources, an equivalent YARA scan targeted in Fleet can be 8x cheaper (CPU %). - moreInfoUrl: https://www.tripwire.com/state-of-security/signature-socket-based-malware-detection-osquery-yara + jamfProtectHasFeature: no + productCategories: [Endpoint operations] + pricingTableCategories: [Endpoint operations] +# +# ╔╦╗╔═╗╔╦╗╔═╗╔═╗╔╦╗╦╔═╗╔╗╔ ╔═╗╔╗╔╔═╗╦╔╗╔╔═╗╔═╗╦═╗╦╔╗╔╔═╗ +# ║║║╣ ║ ║╣ ║ ║ ║║ ║║║║ ║╣ ║║║║ ╦║║║║║╣ ║╣ ╠╦╝║║║║║ ╦ +# ═╩╝╚═╝ ╩ ╚═╝╚═╝ ╩ ╩╚═╝╝╚╝ ╚═╝╝╚╝╚═╝╩╝╚╝╚═╝╚═╝╩╚═╩╝╚╝╚═╝ - industryName: Detection engineering friendlyName: # Ship logs to your data lake and comopare with known bad binary hashes or capture behavioral data and build custom detections (e.g. using a framework like MITRE) description: @@ -273,6 +712,10 @@ moreInfoUrl: waysToUse: - description: +# +# ╔╦╗╦ ╦╦═╗╔═╗╔═╗╔╦╗ ╦ ╦╦ ╦╔╗╔╔╦╗╦╔╗╔╔═╗ +# ║ ╠═╣╠╦╝║╣ ╠═╣ ║ ╠═╣║ ║║║║ ║ ║║║║║ ╦ +# ╩ ╩ ╩╩╚═╚═╝╩ ╩ ╩ ╩ ╩╚═╝╝╚╝ ╩ ╩╝╚╝╚═╝ - industryName: Threat hunting friendlyName: # TODO: live query description: @@ -290,6 +733,10 @@ moreInfoUrl: waysToUse: - description: +# +# ╦╔╗╔╔═╗╦╔╦╗╔═╗╔╗╔╔╦╗ ╦═╗╔═╗╔═╗╔═╗╔═╗╔╗╔╔═╗╔═╗ +# ║║║║║ ║ ║║║╣ ║║║ ║ ╠╦╝║╣ ╚═╗╠═╝║ ║║║║╚═╗║╣ +# ╩╝╚╝╚═╝╩═╩╝╚═╝╝╚╝ ╩ ╩╚═╚═╝╚═╝╩ ╚═╝╝╚╝╚═╝╚═╝ - industryName: Incident response friendlyName: Interrogate hosts in real time description: Live query, triage, figuring out scope of impact, remediate using scripts or MDM commands (e.g. remote wipe), and quarantine or reimage using other systems and APIs (e.g. remove from network, decommission container) @@ -307,6 +754,10 @@ moreInfoUrl: waysToUse: - description: +# +# ╔╗ ╦╔╗╔╔═╗╦═╗╦ ╦ ╔═╗╦ ╦╔╦╗╦ ╦╔═╗╦═╗╦╔═╗╔═╗╔╦╗╦╔═╗╔╗╔ +# ╠╩╗║║║║╠═╣╠╦╝╚╦╝ ╠═╣║ ║ ║ ╠═╣║ ║╠╦╝║╔═╝╠═╣ ║ ║║ ║║║║ +# ╚═╝╩╝╚╝╩ ╩╩╚═ ╩ ╩ ╩╚═╝ ╩ ╩ ╩╚═╝╩╚═╩╚═╝╩ ╩ ╩ ╩╚═╝╝╚╝ - industryName: Binary authorization friendlyName: Restrict what programs can run, and what files running programs can access. description: @@ -330,6 +781,7 @@ - description: Confine programs according to a set of rules that specify which files a program can access. moreInfoUrl: https://wiki.debian.org/AppArmor - description: Proactively protect the system against both known and unknown vulnerabilities. +# # ╔═╗╔═╗╔═╗╔╗╔╔╦╗ ╔═╗╦ ╦╔╦╗╔═╗ ╦ ╦╔═╗╔╦╗╔═╗╔╦╗╔═╗ # ╠═╣║ ╦║╣ ║║║ ║ ╠═╣║ ║ ║ ║ ║───║ ║╠═╝ ║║╠═╣ ║ ║╣ # ╩ ╩╚═╝╚═╝╝╚╝ ╩ ╩ ╩╚═╝ ╩ ╚═╝ ╚═╝╩ ═╩╝╩ ╩ ╩ ╚═╝ @@ -343,6 +795,7 @@ productCategories: [Endpoint operations] pricingTableCategories: [Endpoint operations] usualDepartment: IT +# # ╦╔╗╔╔═╗╔╦╗╔═╗╦ ╦ ╔═╗╦═╗╔═╗ # ║║║║╚═╗ ║ ╠═╣║ ║ ║╣ ╠╦╝╚═╗ # ╩╝╚╝╚═╝ ╩ ╩ ╩╩═╝╩═╝╚═╝╩╚═╚═╝ @@ -361,6 +814,7 @@ moreInfoUrl: https://www.youtube.com/watch?v=qflUfLQCnwY&list=PL6-FgoWOoK2YUR4ADGsxTSL3onb-GzCnM&index=4 - description: Package osquery for Linux servers via Workspace One and Windows servers via group policies moreInfoUrl: https://www.youtube.com/watch?v=qflUfLQCnwY&list=PL6-FgoWOoK2YUR4ADGsxTSL3onb-GzCnM&index=4 +# # ╔╗ ╔═╗╔╦╗╔═╗╦ ╦ ╦╔╗╔╔═╗╔╦╗╔═╗╦ ╦ ╔═╗╔╦╗╦╔═╗╔╗╔ # ╠╩╗╠═╣ ║ ║ ╠═╣ ║║║║╚═╗ ║ ╠═╣║ ║ ╠═╣ ║ ║║ ║║║║ # ╚═╝╩ ╩ ╩ ╚═╝╩ ╩ ╩╝╚╝╚═╝ ╩ ╩ ╩╩═╝╩═╝╩ ╩ ╩ ╩╚═╝╝╚╝ @@ -373,6 +827,7 @@ productCategories: [Endpoint operations] pricingTableCategories: [Endpoint operations] usualDepartment: IT +# # ╦═╗╔═╗╔╦╗╔═╗╔╦╗╔═╗ ╔═╗╔═╗╔╦╗╔╦╗╦╔╗╔╔═╗╔═╗ # ╠╦╝║╣ ║║║║ ║ ║ ║╣ ╚═╗║╣ ║ ║ ║║║║║ ╦╚═╗ # ╩╚═╚═╝╩ ╩╚═╝ ╩ ╚═╝ ╚═╝╚═╝ ╩ ╩ ╩╝╚╝╚═╝╚═╝ @@ -386,6 +841,254 @@ productCategories: [Endpoint operations] pricingTableCategories: [Endpoint operations] usualDepartment: Security +# +# ╔═╗╔═╗╔╦╗╔╦╗╔═╗╔╗╔╔╦╗ ╦ ╦╔╗╔╔═╗ ╔╦╗╔═╗╔═╗╦ ┌─ ╔═╗╦ ╦ ─┐ +# ║ ║ ║║║║║║║╠═╣║║║ ║║ ║ ║║║║║╣ ║ ║ ║║ ║║ │ ║ ║ ║ │ +# ╚═╝╚═╝╩ ╩╩ ╩╩ ╩╝╚╝═╩╝ ╩═╝╩╝╚╝╚═╝ ╩ ╚═╝╚═╝╩═╝ └─ ╚═╝╩═╝╩ ─┘ +- industryName: Command line tool (CLI) + friendlyName: fleetctl + documentationUrl: https://fleetdm.com/docs/using-fleet/fleetctl-cli + productCategories: [Endpoint operations,Device management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╔═╗╔═╗╔═╗╔╦╗╦ ╦╔═╗╦═╗╔═╗ ╦╔╗╔╦ ╦╔═╗╔╗╔╔╦╗╔═╗╦═╗╦ ╦ +# ╚═╗║ ║╠╣ ║ ║║║╠═╣╠╦╝║╣ ║║║║╚╗╔╝║╣ ║║║ ║ ║ ║╠╦╝╚╦╝ +# ╚═╝╚═╝╚ ╩ ╚╩╝╩ ╩╩╚═╚═╝ ╩╝╚╝ ╚╝ ╚═╝╝╚╝ ╩ ╚═╝╩╚═ ╩ +- industryName: Software inventory + documentationUrl: https://fleetdm.com/docs/get-started/anatomy#software-library + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: no + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + waysToUse: + - description: Implement software inventory recommendations from the SANS 20 / CIS 18. + moreInfoUrl: https://docs.google.com/document/d/1E6EQMMqrsRc6Z3YsR6Q33OaF9eAa8zLNaz4K2YzFdyo/edit#heading=h.7en766pueek4 + - description: View a list of all software and their versions installed on all your hosts. + - description: View a list of software rolled up by title. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/14674 +# +# ╦ ╦╔═╗╦═╗╔╦╗╦ ╦╔═╗╦═╗╔═╗ ╦╔╗╔╦ ╦╔═╗╔╗╔╔╦╗╔═╗╦═╗╦ ╦ +# ╠═╣╠═╣╠╦╝ ║║║║║╠═╣╠╦╝║╣ ║║║║╚╗╔╝║╣ ║║║ ║ ║ ║╠╦╝╚╦╝ +# ╩ ╩╩ ╩╩╚══╩╝╚╩╝╩ ╩╩╚═╚═╝ ╩╝╚╝ ╚╝ ╚═╝╝╚╝ ╩ ╚═╝╩╚═ ╩ +- industryName: Hardware inventory + documentationUrl: https://fleetdm.com/tables/system_info + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: no + waysToUse: + - description: Implement hardware and infrastructure inventory recommendations from the SANS 20 / CIS 18. + moreInfoUrl: https://docs.google.com/document/d/1E6EQMMqrsRc6Z3YsR6Q33OaF9eAa8zLNaz4K2YzFdyo/edit#heading=h.7en766pueek4 +# +# ╔╦╗╔═╗╦ ╦╦╔═╗╔═╗ ╦╔╗╔╦ ╦╔═╗╔╗╔╔╦╗╔═╗╦═╗╦ ╦ ╔╦╗╔═╗╔═╗╦ ╦╔╗ ╔═╗╔═╗╦═╗╔╦╗ +# ║║║╣ ╚╗╔╝║║ ║╣ ║║║║╚╗╔╝║╣ ║║║ ║ ║ ║╠╦╝╚╦╝ ║║╠═╣╚═╗╠═╣╠╩╗║ ║╠═╣╠╦╝ ║║ +# ═╩╝╚═╝ ╚╝ ╩╚═╝╚═╝ ╩╝╚╝ ╚╝ ╚═╝╝╚╝ ╩ ╚═╝╩╚═ ╩ ═╩╝╩ ╩╚═╝╩ ╩╚═╝╚═╝╩ ╩╩╚══╩╝ +- industryName: Device inventory dashboard + documentationUrl: + productCategories: [Endpoint operations,Device management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╔╗ ╦═╗╔═╗╦ ╦╔═╗╔═╗ ╦╔╗╔╔═╗╔╦╗╔═╗╦ ╦ ╔═╗╔╦╗ ╔═╗╔═╗╔═╗╔╦╗╦ ╦╔═╗╦═╗╔═╗ ╔═╗╔═╗╔═╗╦╔═╔═╗╔═╗╔═╗╔═╗ +# ╠╩╗╠╦╝║ ║║║║╚═╗║╣ ║║║║╚═╗ ║ ╠═╣║ ║ ║╣ ║║ ╚═╗║ ║╠╣ ║ ║║║╠═╣╠╦╝║╣ ╠═╝╠═╣║ ╠╩╗╠═╣║ ╦║╣ ╚═╗ +# ╚═╝╩╚═╚═╝╚╩╝╚═╝╚═╝ ╩╝╚╝╚═╝ ╩ ╩ ╩╩═╝╩═╝╚═╝═╩╝ ╚═╝╚═╝╚ ╩ ╚╩╝╩ ╩╩╚═╚═╝ ╩ ╩ ╩╚═╝╩ ╩╩ ╩╚═╝╚═╝╚═╝ +- industryName: Browse installed software packages + documentationUrl: https://fleetdm.com/docs/rest-api/rest-api#software + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: no +# +# ╔╦╗╦ ╦╔═╗ ╔═╗╔═╗╔═╗╔╦╗╔═╗╦═╗ ╔═╗╦ ╦╔╦╗╦ ╦╔═╗╔╗╔╔╦╗╦╔═╗╔═╗╔╦╗╦╔═╗╔╗╔ +# ║ ║║║║ ║───╠╣ ╠═╣║ ║ ║ ║╠╦╝ ╠═╣║ ║ ║ ╠═╣║╣ ║║║ ║ ║║ ╠═╣ ║ ║║ ║║║║ +# ╩ ╚╩╝╚═╝ ╚ ╩ ╩╚═╝ ╩ ╚═╝╩╚═ ╩ ╩╚═╝ ╩ ╩ ╩╚═╝╝╚╝ ╩ ╩╚═╝╩ ╩ ╩ ╩╚═╝╝╚╝ +- industryName: Two-factor authentication + moreInfoUrl: https://github.com/fleetdm/fleet/issues/5478 + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes + waysToUse: + - description: Enforce two-factor authentication when logging in to Fleet for added security. + comingSoonOn: 2024-12-31 #customer-rosner +# +# ╔═╗╦ ╦╔═╗╔╦╗╔═╗╔╦╗ ╔═╗╔═╗╦═╗ ╔═╗╦═╗╔═╗╔═╗╔═╗ ╔╦╗╔═╗╔╦╗╔═╗╦╔╗╔ ╦╔╦╗╔═╗╔╗╔╔╦╗╦╔╦╗╦ ╦ +# ╚═╗╚╦╝╚═╗ ║ ║╣ ║║║ ╠╣ ║ ║╠╦╝ ║ ╠╦╝║ ║╚═╗╚═╗───║║║ ║║║║╠═╣║║║║ ║ ║║║╣ ║║║ ║ ║ ║ ╚╦╝ +# ╚═╝ ╩ ╚═╝ ╩ ╚═╝╩ ╩ ╚ ╚═╝╩╚═ ╚═╝╩╚═╚═╝╚═╝╚═╝ ═╩╝╚═╝╩ ╩╩ ╩╩╝╚╝ ╩═╩╝╚═╝╝╚╝ ╩ ╩ ╩ ╩ +# ╔╦╗╔═╗╔╗╔╔═╗╔═╗╔═╗╔╦╗╔═╗╔╗╔╔╦╗ ╔═╗╦═╗╔═╗╦ ╦╦╔═╗╦╔═╗╔╗╔╦╔╗╔╔═╗ +# ║║║╠═╣║║║╠═╣║ ╦║╣ ║║║║╣ ║║║ ║ ╠═╝╠╦╝║ ║╚╗╔╝║╚═╗║║ ║║║║║║║║║ ╦ +# ╩ ╩╩ ╩╝╚╝╩ ╩╚═╝╚═╝╩ ╩╚═╝╝╚╝ ╩ ╩ ╩╚═╚═╝ ╚╝ ╩╚═╝╩╚═╝╝╚╝╩╝╚╝╚═╝ +- industryName: System for Cross-domain Identity Management (SCIM) provisioning + moreInfoUrl: https://github.com/fleetdm/fleet/issues/15671 + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + tier: Premium + comingSoonOn: 2024-12-31 #customer-rosner +# +# ╔═╗╔═╗╔═╗╦═╗╔═╗╦ ╦ ╔╦╗╔═╗╦ ╦╦╔═╗╔═╗╔═╗ ╔╗ ╦ ╦ ╦╔═╗ ╔═╗╔═╗╦═╗╦╔═╗╦ +# ╚═╗║╣ ╠═╣╠╦╝║ ╠═╣ ║║║╣ ╚╗╔╝║║ ║╣ ╚═╗ ╠╩╗╚╦╝ ║╠═╝ ╚═╗║╣ ╠╦╝║╠═╣║ +# ╚═╝╚═╝╩ ╩╩╚═╚═╝╩ ╩ ═╩╝╚═╝ ╚╝ ╩╚═╝╚═╝╚═╝ ╚═╝ ╩ ╩╩┘ ╚═╝╚═╝╩╚═╩╩ ╩╩═╝┘ +# ╦ ╦╔═╗╔═╗╔╦╗╔╗╔╔═╗╔╦╗╔═╗ ╦ ╦╦ ╦╦╔╦╗ +# ╠═╣║ ║╚═╗ ║ ║║║╠═╣║║║║╣ ║ ║║ ║║ ║║ +# ╩ ╩╚═╝╚═╝ ╩ ╝╚╝╩ ╩╩ ╩╚═╝┘ ╚═╝╚═╝╩═╩╝ +- industryName: Search devices by IP, serial, hostname, UUID + documentationUrl: https://fleetdm.com/docs/rest-api/rest-api#hosts + productCategories: [Endpoint operations,Device management] + pricingTableCategories: [Endpoint operations] + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╦ ╔═╗╔╗ ╔═╗╦ ╔═╗ ╔═╗╔═╗ ╦ ╔╦╗╦═╗╦╦ ╦╔═╗╔╗╔ +# ║ ╠═╣╠╩╗║╣ ║ ╚═╗ ╚═╗║═╬╗║─────║║╠╦╝║╚╗╔╝║╣ ║║║ +# ╩═╝╩ ╩╚═╝╚═╝╩═╝╚═╝ ╚═╝╚═╝╚╩═╝ ═╩╝╩╚═╩ ╚╝ ╚═╝╝╚╝ +- industryName: Labels (SQL-driven) + documentationUrl: https://fleetdm.com/docs/rest-api/rest-api#add-label + friendlyName: Filter hosts using SQL + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + tier: Free + jamfProHasFeature: no + jamfProtectHasFeature: no +# +# ╦ ╦╔═╗╦═╗╔═╗╦╔═╗╔╗╔╔═╗╔╗ ╦ ╔═╗ ╔═╗ ╦ ╦╔═╗╦═╗╦╔═╗╔═╗ ╔═╗╔╗╔╔╦╗ ╔═╗╔═╗╔╗╔╔═╗╦╔═╗ +# ╚╗╔╝║╣ ╠╦╝╚═╗║║ ║║║║╠═╣╠╩╗║ ║╣ ║═╬╗║ ║║╣ ╠╦╝║║╣ ╚═╗ ╠═╣║║║ ║║ ║ ║ ║║║║╠╣ ║║ ╦ +# ╚╝ ╚═╝╩╚═╚═╝╩╚═╝╝╚╝╩ ╩╚═╝╩═╝╚═╝ ╚═╝╚╚═╝╚═╝╩╚═╩╚═╝╚═╝ ╩ ╩╝╚╝═╩╝ ╚═╝╚═╝╝╚╝╚ ╩╚═╝ +# ╔═╗╦╔╦╗╔═╗╔═╗╔═╗ +# ║ ╦║ ║ ║ ║╠═╝╚═╗ +# ╚═╝╩ ╩ ╚═╝╩ ╚═╝ +- industryName: Versionable queries and config (GitOps) + documentationUrl: https://fleetdm.com/guides/using-github-actions-to-apply-configuration-profiles-with-fleet#basic-article + tier: Free + jamfProHasFeature: no + jamfProtectHasFeature: no + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + demos: + - description: A top financial services company needed to set up rolling deployments for changes to osquery agents running on their production servers. + moreInfoUrl: https://docs.google.com/document/d/1UdzZMyBLbs9SUXfSXN2x2wZQCbjZZUetYlNWH6-ryqQ/edit#heading=h.2lh6ehprpvl6 +# +# ╔═╗╔═╗╔═╗╔═╗╔═╗ ╔╦╗╦═╗╔═╗╔╗╔╔═╗╔═╗╔═╗╦═╗╔═╗╔╗╔╔═╗╦ ╦ +# ╚═╗║ ║ ║╠═╝║╣ ║ ╠╦╝╠═╣║║║╚═╗╠═╝╠═╣╠╦╝║╣ ║║║║ ╚╦╝ +# ╚═╝╚═╝╚═╝╩ ╚═╝ ╩ ╩╚═╩ ╩╝╚╝╚═╝╩ ╩ ╩╩╚═╚═╝╝╚╝╚═╝ ╩ +- industryName: Scope transparency + tier: Free + documentationUrl: https://fleetdm.com/transparency + productCategories: [Endpoint operations] + pricingTableCategories: [Endpoint operations] +# +# ╔═╗╦╔╗╔╔═╗╦ ╔═╗ ╔═╗╦╔═╗╔╗╔ ╔═╗╔╗╔ +# ╚═╗║║║║║ ╦║ ║╣ ╚═╗║║ ╦║║║ ║ ║║║║ +# ╚═╝╩╝╚╝╚═╝╩═╝╚═╝ ╚═╝╩╚═╝╝╚╝ ╚═╝╝╚╝ +- industryName: Single sign on (SSO, SAML) + documentationUrl: https://fleetdm.com/docs/deploy/single-sign-on-sso#single-sign-on-sso + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╔═╗╦ ╦╔╦╗╦╔╦╗ ╦ ╔═╗╔═╗ ╔═╗╔═╗ ╔═╗╔═╗╔╦╗╦╦ ╦╦╔╦╗╦ ╦ +# ╠═╣║ ║ ║║║ ║ ║ ║ ║║ ╦ ║ ║╠╣ ╠═╣║ ║ ║╚╗╔╝║ ║ ╚╦╝ +# ╩ ╩╚═╝═╩╝╩ ╩ ╩═╝╚═╝╚═╝ ╚═╝╚ ╩ ╩╚═╝ ╩ ╩ ╚╝ ╩ ╩ ╩ +- industryName: Audit log of activity (queries, scripts, logins, etc) + documentationUrl: https://fleetdm.com/docs/rest-api/rest-api#list-activities + productCategories: [Endpoint operations, Device management] + pricingTableCategories: [Endpoint operations] + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: yes + usualDepartment: Security + waysToUse: + - description: Export activity of Fleet admins to your SIEM or data lake +# +# ╔═╗╦═╗╔═╗╔╗╔╔╦╗ ╔═╗╔═╗╦ ╔═╗╔╗╔╦ ╦ ╦ ╔═╗╔═╗╔═╗╔═╗╔═╗╔═╗ +# ║ ╦╠╦╝╠═╣║║║ ║ ╠═╣╠═╝║───║ ║║║║║ ╚╦╝ ╠═╣║ ║ ║╣ ╚═╗╚═╗ +# ╚═╝╩╚═╩ ╩╝╚╝ ╩ ╩ ╩╩ ╩ ╚═╝╝╚╝╩═╝╩ ╩ ╩╚═╝╚═╝╚═╝╚═╝╚═╝ +- industryName: Grant API-only access + documentationUrl: https://fleetdm.com/docs/using-fleet/fleetctl-cli#using-fleetctl-with-an-api-only-user + productCategories: [Endpoint operations] + pricingTableCategories: [Endpoint operations] + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╔═╗ ╦ ╦╔═╗╦═╗╦ ╦ ╔═╗╔═╗╦═╗╔═╗╔═╗╦═╗╔╦╗╔═╗╔╗╔╔═╗╔═╗ ╔╦╗╔═╗╔╗╔╦╔╦╗╔═╗╦═╗╦╔╗╔╔═╗ +# ║═╬╗║ ║║╣ ╠╦╝╚╦╝ ╠═╝║╣ ╠╦╝╠╣ ║ ║╠╦╝║║║╠═╣║║║║ ║╣ ║║║║ ║║║║║ ║ ║ ║╠╦╝║║║║║ ╦ +# ╚═╝╚╚═╝╚═╝╩╚═ ╩ ╩ ╚═╝╩╚═╚ ╚═╝╩╚═╩ ╩╩ ╩╝╚╝╚═╝╚═╝ ╩ ╩╚═╝╝╚╝╩ ╩ ╚═╝╩╚═╩╝╚╝╚═╝ +- industryName: Query performance monitoring + documentationUrl: https://fleetdm.com/docs/get-started/faq#will-fleet-slow-down-my-servers-what-about-my-employee-laptops + tier: Free + jamfProHasFeature: no + jamfProtectHasFeature: no + productCategories: [Endpoint operations] + pricingTableCategories: [Endpoint operations] + demos: + - description: A top software company needed to understand the performance impact of osquery queries before running them on all of their production Linux servers. + moreInfoUrl: https://docs.google.com/document/d/1WzMc8GJCRU6tTBb6gLsSTzFysqtXO8CtP2sXMPKgYSk/edit?disco=AAAA6xuVxGg + - description: A top software company wanted to detect regressions when adding/changing queries and fail builds if queries were too expensive. + moreInfoUrl: https://docs.google.com/document/d/1WzMc8GJCRU6tTBb6gLsSTzFysqtXO8CtP2sXMPKgYSk/edit?disco=AAAA6xuVxGg + waysToUse: + - description: Monitor performance for automated queries. + - description: Monitor performance for live queries. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/467 +# +# ╔╦╗╔═╗╔╦╗╔═╗╔═╗╔╦╗ ╔═╗╔╗╔╔╦╗ ╔═╗╦ ╦╦═╗╔═╗╔═╗╔═╗╔═╗ ╦╔═╗╔═╗╦ ╦╔═╗╔═╗ ╦ ╦╦╔╦╗╦ ╦ +# ║║║╣ ║ ║╣ ║ ║ ╠═╣║║║ ║║ ╚═╗║ ║╠╦╝╠╣ ╠═╣║ ║╣ ║╚═╗╚═╗║ ║║╣ ╚═╗ ║║║║ ║ ╠═╣ +# ═╩╝╚═╝ ╩ ╚═╝╚═╝ ╩ ╩ ╩╝╚╝═╩╝ ╚═╝╚═╝╩╚═╚ ╩ ╩╚═╝╚═╝ ╩╚═╝╚═╝╚═╝╚═╝╚═╝ ╚╩╝╩ ╩ ╩ ╩ +# ╔╦╗╔═╗╦ ╦╦╔═╗╔═╗╔═╗ +# ║║║╣ ╚╗╔╝║║ ║╣ ╚═╗ +# ═╩╝╚═╝ ╚╝ ╩╚═╝╚═╝╚═╝ +- industryName: Detect and surface issues with devices (policies) + documentationUrl: https://fleetdm.com/docs/get-started/anatomy#policy + productCategories: [Endpoint operations,Device management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╔═╗╦ ╔═╗═╗ ╦╦╔╗ ╦ ╔═╗ ╦ ╔═╗╔═╗ ╔╦╗╔═╗╔═╗╔╦╗╦╔╗╔╔═╗╔╦╗╦╔═╗╔╗╔╔═╗ +# ╠╣ ║ ║╣ ╔╩╦╝║╠╩╗║ ║╣ ║ ║ ║║ ╦ ║║║╣ ╚═╗ ║ ║║║║╠═╣ ║ ║║ ║║║║╚═╗ +# ╚ ╩═╝╚═╝╩ ╚═╩╚═╝╩═╝╚═╝ ╩═╝╚═╝╚═╝ ═╩╝╚═╝╚═╝ ╩ ╩╝╚╝╩ ╩ ╩ ╩╚═╝╝╚╝╚═╝ +- industryName: Flexible log destinations (AWS Kinesis, Lambda, GCP, Kafka) + documentationUrl: https://fleetdm.com/docs/using-fleet/log-destinations#log-destinations + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes + usualDepartment: Security + productCategories: [Endpoint operations] + pricingTableCategories: [Endpoint operations] + buzzwords: [Real-time export,Ship logs] +# +# ╔═╗╦╦ ╔═╗ ╔═╗╔═╗╦═╗╦ ╦╦╔╗╔╔═╗ +# ╠╣ ║║ ║╣ ║ ╠═╣╠╦╝╚╗╔╝║║║║║ ╦ +# ╚ ╩╩═╝╚═╝ ╚═╝╩ ╩╩╚═ ╚╝ ╩╝╚╝╚═╝ +- industryName: File carving (AWS S3) + documentationUrl: https://fleetdm.com/docs/configuration/fleet-server-configuration#s-3-file-carving-backend + tier: Free + jamfProHasFeature: no + jamfProtectHasFeature: no + usualDepartment: Security + productCategories: [Endpoint operations] + pricingTableCategories: [Endpoint operations] +# # ╦ ╦╔═╗╦═╗╦╔═╗╔╗ ╦ ╔═╗ ╔═╗╔╗╔╦═╗╔═╗╦ ╦ ╔╦╗╔═╗╔╗╔╔╦╗ # ╚╗╔╝╠═╣╠╦╝║╠═╣╠╩╗║ ║╣ ║╣ ║║║╠╦╝║ ║║ ║ ║║║║╣ ║║║ ║ # ╚╝ ╩ ╩╩╚═╩╩ ╩╚═╝╩═╝╚═╝ ╚═╝╝╚╝╩╚═╚═╝╩═╝╩═╝╩ ╩╚═╝╝╚╝ ╩ @@ -398,6 +1101,7 @@ productCategories: [Endpoint operations, Device management] pricingTableCategories: [Endpoint operations] usualDepartment: IT +# # ╔═╗╦═╗╦╦ ╦╔═╗╔╦╗╔═╗ ╦ ╦╔═╗╔╦╗╔═╗╔╦╗╔═╗ ╦═╗╔═╗╔═╗╦╔═╗╔╦╗╦═╗╦ ╦ # ╠═╝╠╦╝║╚╗╔╝╠═╣ ║ ║╣ ║ ║╠═╝ ║║╠═╣ ║ ║╣ ╠╦╝║╣ ║ ╦║╚═╗ ║ ╠╦╝╚╦╝ # ╩ ╩╚═╩ ╚╝ ╩ ╩ ╩ ╚═╝ ╚═╝╩ ═╩╝╩ ╩ ╩ ╚═╝ ╩╚═╚═╝╚═╝╩╚═╝ ╩ ╩╚═ ╩ @@ -411,6 +1115,10 @@ productCategories: [Endpoint operations] pricingTableCategories: [Endpoint operations] usualDepartment: Security +# +# ╦ ╦╔═╗╦═╗╦╔═╗╔╗ ╦ ╔═╗ ╔═╗╔═╗╔═╗╔╗╔╔╦╗ ╦ ╦╔═╗╦═╗╔═╗╦╔═╗╔╗╔╔═╗ +# ╚╗╔╝╠═╣╠╦╝║╠═╣╠╩╗║ ║╣ ╠═╣║ ╦║╣ ║║║ ║ ╚╗╔╝║╣ ╠╦╝╚═╗║║ ║║║║╚═╗ +# ╚╝ ╩ ╩╩╚═╩╩ ╩╚═╝╩═╝╚═╝ ╩ ╩╚═╝╚═╝╝╚╝ ╩ ╚╝ ╚═╝╩╚═╚═╝╩╚═╝╝╚╝╚═╝ - industryName: Variable agent versions descrption: Manage agents remotely by setting different versions per-baseline. documentationUrl: https://fleetdm.com/docs/configuration/agent-configuration#configure-fleetd-update-channels @@ -420,6 +1128,7 @@ productCategories: [Endpoint operations] pricingTableCategories: [Endpoint operations] usualDepartment: IT +# # ╔═╗╦ ╦╔═╗╔╦╗╔═╗╔╦╗ ╔╦╗╔═╗╔╗ ╦ ╔═╗╔═╗ # ║ ║ ║╚═╗ ║ ║ ║║║║ ║ ╠═╣╠╩╗║ ║╣ ╚═╗ # ╚═╝╚═╝╚═╝ ╩ ╚═╝╩ ╩ ╩ ╩ ╩╚═╝╩═╝╚═╝╚═╝ @@ -434,63 +1143,138 @@ productCategories: [Endpoint operations] pricingTableCategories: [Endpoint operations] usualDepartment: IT -# -# ╦═╗╔═╗╔═╗╔╦╗ ╔═╗╔═╗╦ -# ╠╦╝║╣ ╚═╗ ║ ╠═╣╠═╝║ -# ╩╚═╚═╝╚═╝ ╩ ╩ ╩╩ ╩ -- industryName: REST API - friendlyName: Automate any feature - description: - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Integrations] - usualDepartment: IT - documentationUrl: https://fleetdm.com/docs/rest-api/rest-api - screenshotSrc: - tier: Free +# +# ╔╗ ╔═╗╔═╗╔═╗╦ ╦╔╗╔╔═╗╔═╗ ╔╦╗╔═╗╦ ╦╦╔═╗╔═╗ ╔═╗╦═╗╔═╗╦ ╦╔═╗╔═╗ +# ╠╩╗╠═╣╚═╗║╣ ║ ║║║║║╣ ╚═╗ ║║║╣ ╚╗╔╝║║ ║╣ ║ ╦╠╦╝║ ║║ ║╠═╝╚═╗ +# ╚═╝╩ ╩╚═╝╚═╝╩═╝╩╝╚╝╚═╝╚═╝ ═╩╝╚═╝ ╚╝ ╩╚═╝╚═╝ ╚═╝╩╚═╚═╝╚═╝╩ ╚═╝ +- industryName: Baselines (device groups) + friendlyName: Manage different endpoints differently + documentationUrl: https://fleetdm.com/docs/using-fleet/segment-hosts + description: Set baselines and strategies for hosts in different situations called "teams", and move hosts between them via API-driven automations or a simple, delegatable user interface with role-based access. + tier: Premium jamfProHasFeature: yes jamfProtectHasFeature: yes - dri: rachaelshaw -# ╔═╗╔═╗╔╦╗╔╦╗╔═╗╔╗╔╔╦╗ ╦ ╦╔╗╔╔═╗ ╔╦╗╔═╗╔═╗╦ ┌─ ╔═╗╦ ╦ ─┐ -# ║ ║ ║║║║║║║╠═╣║║║ ║║ ║ ║║║║║╣ ║ ║ ║║ ║║ │ ║ ║ ║ │ -# ╚═╝╚═╝╩ ╩╩ ╩╩ ╩╝╚╝═╩╝ ╩═╝╩╝╚╝╚═╝ ╩ ╚═╝╚═╝╩═╝ └─ ╚═╝╩═╝╩ ─┘ -- industryName: Command line tool (CLI) - friendlyName: fleetctl - documentationUrl: https://fleetdm.com/docs/using-fleet/fleetctl-cli + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + waysToUse: + - description: Automate remediation for different applications with different security postures (cloud security engineering) +# +# ╔═╗╔═╗╔╗╔╔═╗╦═╗╔═╗╔╦╗╔═╗ ╦═╗╔═╗╔═╗╔═╗╦═╗╔╦╗╔═╗ ╔═╗╔═╗╦═╗ ╔═╗╦═╗╔═╗╦ ╦╔═╗╔═╗ +# ║ ╦║╣ ║║║║╣ ╠╦╝╠═╣ ║ ║╣ ╠╦╝║╣ ╠═╝║ ║╠╦╝ ║ ╚═╗ ╠╣ ║ ║╠╦╝ ║ ╦╠╦╝║ ║║ ║╠═╝╚═╗ +# ╚═╝╚═╝╝╚╝╚═╝╩╚═╩ ╩ ╩ ╚═╝ ╩╚═╚═╝╩ ╚═╝╩╚═ ╩ ╚═╝ ╚ ╚═╝╩╚═ ╚═╝╩╚═╚═╝╚═╝╩ ╚═╝ +# ╔═╗╔═╗ ╔╦╗╔═╗╦ ╦╦╔═╗╔═╗╔═╗ +# ║ ║╠╣ ║║║╣ ╚╗╔╝║║ ║╣ ╚═╗ +# ╚═╝╚ ═╩╝╚═╝ ╚╝ ╩╚═╝╚═╝╚═╝ +- industryName: Generate reports for groups of devices + documentationUrl: https://fleetdm.com/docs/rest-api/rest-api#get-query-report + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╦╦ ╦╔═╗╔╦╗ ╦╔╗╔ ╔╦╗╦╔╦╗╔═╗ ╔═╗╦═╗╔═╗╦ ╦╦╔═╗╦╔═╗╔╗╔╦╔╗╔╔═╗ +# ║║ ║╚═╗ ║───║║║║───║ ║║║║║╣ ╠═╝╠╦╝║ ║╚╗╔╝║╚═╗║║ ║║║║║║║║║ ╦ +# ╚╝╚═╝╚═╝ ╩ ╩╝╚╝ ╩ ╩╩ ╩╚═╝ ╩ ╩╚═╚═╝ ╚╝ ╩╚═╝╩╚═╝╝╚╝╩╝╚╝╚═╝ +- industryName: Just-in-time (JIT) provisioning + documentationUrl: https://fleetdm.com/docs/deploy/single-sign-on-sso#just-in-time-jit-user-provisioning + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: no +# +# ╦═╗╔═╗╦ ╔═╗ ╔╗ ╔═╗╔═╗╔═╗╔╦╗ ╔═╗╔═╗╔═╗╔═╗╔═╗╔═╗ ╔═╗╔═╗╔╗╔╔╦╗╦═╗╔═╗╦ +# ╠╦╝║ ║║ ║╣───╠╩╗╠═╣╚═╗║╣ ║║ ╠═╣║ ║ ║╣ ╚═╗╚═╗ ║ ║ ║║║║ ║ ╠╦╝║ ║║ +# ╩╚═╚═╝╩═╝╚═╝ ╚═╝╩ ╩╚═╝╚═╝═╩╝ ╩ ╩╚═╝╚═╝╚═╝╚═╝╚═╝ ╚═╝╚═╝╝╚╝ ╩ ╩╚═╚═╝╩═╝ +- industryName: Role-based access control + documentationUrl: https://fleetdm.com/docs/using-fleet/manage-access#manage-access + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Endpoint operations] + usualDepartment: IT + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╔═╗╔═╗╦ ╦╔═╗╦ ╦ ╔═╗╔═╗╔═╗╦═╗╦╔╗╔╔═╗ +# ╠═╝║ ║║ ║║ ╚╦╝ ╚═╗║ ║ ║╠╦╝║║║║║ ╦ +# ╩ ╚═╝╩═╝╩╚═╝ ╩ ╚═╝╚═╝╚═╝╩╚═╩╝╚╝╚═╝ +- industryName: Policy scoring + documentationUrl: + friendlyName: Mark policies as critical productCategories: [Endpoint operations,Device management] pricingTableCategories: [Endpoint operations] usualDepartment: IT - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes -# ╦ ╦╔═╗╔╗ ╦ ╦╔═╗╔═╗╦╔═╔═╗ -# ║║║║╣ ╠╩╗╠═╣║ ║║ ║╠╩╗╚═╗ -# ╚╩╝╚═╝╚═╝╩ ╩╚═╝╚═╝╩ ╩╚═╝ -- industryName: Webhooks - friendlyName: Automations - documentationUrl: https://fleetdm.com/docs/using-fleet/automations#automations - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Integrations] - usualDepartment: IT - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes -# ╔╦╗╔═╗╔═╗╔═╗ ╔═╗╦ ╦╔╦╗╔═╗╔╦╗╔═╗╔╦╗╦╔═╗╔╗╔╔═╗ -# ║║║╣ ║╣ ╠═╝ ╠═╣║ ║ ║ ║ ║║║║╠═╣ ║ ║║ ║║║║╚═╗ -# ═╩╝╚═╝╚═╝╩ ╩ ╩╚═╝ ╩ ╚═╝╩ ╩╩ ╩ ╩ ╩╚═╝╝╚╝╚═╝ -- industryName: Deep automations - friendlyName: Trigger webhooks or run scripts - documentationUrl: https://fleetdm.com/docs/using-fleet/automations#automations - description: Fire off webhooks or run scripts on hosts when certain things happen in Fleet. - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Integrations] - comingSoonOn: 2024-06-30 - tier: Free - buzzwords: [Automated remediation,Auto-remediation,Self-healing] + tier: Premium + jamfProHasFeature: no + jamfProtectHasFeature: no waysToUse: - - description: Use policy automations to automatically remediate issues and mitigate vulnerabilities. - - description: Use osquery and santa to work around inflexibilities in proprietary MDMs and other protection solutions. - - description: Listen to webhooks to perform autonomous self-healing (cloud security engineering) - moreInfoUrl: https://www.fugue.co/blog/automated-remediation-scripts-vs.-self-healing-infrastructure-two-approaches-to-cloud-security + - description: Block access to corporate apps if your end users are failing a specific number of critical policies. + moreInfoUrl: https://github.com/fleetdm/fleet/issues/16206 +# +# +# ███████╗██╗ ██╗██████╗ ██████╗ ██████╗ ██████╗ ████████╗ +# ██╔════╝██║ ██║██╔══██╗██╔══██╗██╔═══██╗██╔══██╗╚══██╔══╝ +# ███████╗██║ ██║██████╔╝██████╔╝██║ ██║██████╔╝ ██║ +# ╚════██║██║ ██║██╔═══╝ ██╔═══╝ ██║ ██║██╔══██╗ ██║ +# ███████║╚██████╔╝██║ ██║ ╚██████╔╝██║ ██║ ██║ +# ╚══════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝ +# +# +# ╔═╗╔═╗╔═╗╔╗╔ ╔═╗╔═╗╦ ╦╦═╗╔═╗╔═╗ ╦╔═╗╔═╗╦ ╦╔═╗ ╔╦╗╦═╗╔═╗╔═╗╦╔═╔═╗╦═╗ ╔═╗╦╔╦╗╦ ╦╦ ╦╔╗ +# ║ ║╠═╝║╣ ║║║───╚═╗║ ║║ ║╠╦╝║ ║╣ ║╚═╗╚═╗║ ║║╣ ║ ╠╦╝╠═╣║ ╠╩╗║╣ ╠╦╝ ║ ╦║ ║ ╠═╣║ ║╠╩╗ +# ╚═╝╩ ╚═╝╝╚╝ ╚═╝╚═╝╚═╝╩╚═╚═╝╚═╝ ╩╚═╝╚═╝╚═╝╚═╝ ╩ ╩╚═╩ ╩╚═╝╩ ╩╚═╝╩╚═ ╚═╝╩ ╩ ╩ ╩╚═╝╚═╝ +- industryName: Open-source issue tracker (GitHub) + documentationUrl: https://fleetdm.com/support + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Support] + tier: Free + jamfProHasFeature: no + jamfProtectHasFeature: no +# +# ╔═╗╔═╗╔╦╗╔╦╗╦ ╦╔╗╔╦╔╦╗╦ ╦ ╔═╗╦ ╔═╗╔═╗╦╔═ ╔═╗╦ ╦╔═╗╔╗╔╔╗╔╔═╗╦ +# ║ ║ ║║║║║║║║ ║║║║║ ║ ╚╦╝ ╚═╗║ ╠═╣║ ╠╩╗ ║ ╠═╣╠═╣║║║║║║║╣ ║ +# ╚═╝╚═╝╩ ╩╩ ╩╚═╝╝╚╝╩ ╩ ╩ ╚═╝╩═╝╩ ╩╚═╝╩ ╩ ╚═╝╩ ╩╩ ╩╝╚╝╝╚╝╚═╝╩═╝ +- industryName: Community Slack channel + documentationUrl: https://fleetdm.com/support + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Support] + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╦ ╦╔╗╔╦ ╦╔╦╗╦╔╦╗╔═╗╔╦╗ ╔═╗╔╦╗╔═╗╦╦ ╔═╗╦ ╦╔═╗╔═╗╔═╗╦═╗╔╦╗ +# ║ ║║║║║ ║║║║║ ║ ║╣ ║║ ║╣ ║║║╠═╣║║ ╚═╗║ ║╠═╝╠═╝║ ║╠╦╝ ║ +# ╚═╝╝╚╝╩═╝╩╩ ╩╩ ╩ ╚═╝═╩╝ ╚═╝╩ ╩╩ ╩╩╩═╝ ╚═╝╚═╝╩ ╩ ╚═╝╩╚═ ╩ +- industryName: Unlimited email support (confidential) + documentationUrl: https://fleetdm.com/support + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Support] + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╔═╗╦ ╦╔═╗╔╗╔╔═╗ ╔═╗╔╗╔╔╦╗ ╦ ╦╦╔╦╗╔═╗╔═╗ ╔═╗╔═╗╦ ╦ ╔═╗╦ ╦╔═╗╔═╗╔═╗╦═╗╔╦╗ +# ╠═╝╠═╣║ ║║║║║╣ ╠═╣║║║ ║║ ╚╗╔╝║ ║║║╣ ║ ║ ║ ╠═╣║ ║ ╚═╗║ ║╠═╝╠═╝║ ║╠╦╝ ║ +# ╩ ╩ ╩╚═╝╝╚╝╚═╝ ╩ ╩╝╚╝═╩╝ ╚╝ ╩═╩╝╚═╝╚═╝ ╚═╝╩ ╩╩═╝╩═╝ ╚═╝╚═╝╩ ╩ ╚═╝╩╚═ ╩ +- industryName: Phone and video call support + documentationUrl: https://fleetdm.com/support + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Support] + tier: Premium + jamfProHasFeature: no + jamfProtectHasFeature: no +# +# ██████╗ ███████╗██████╗ ██╗ ██████╗ ██╗ ██╗███╗ ███╗███████╗███╗ ██╗████████╗ +# ██╔══██╗██╔════╝██╔══██╗██║ ██╔═══██╗╚██╗ ██╔╝████╗ ████║██╔════╝████╗ ██║╚══██╔══╝ +# ██║ ██║█████╗ ██████╔╝██║ ██║ ██║ ╚████╔╝ ██╔████╔██║█████╗ ██╔██╗ ██║ ██║ +# ██║ ██║██╔══╝ ██╔═══╝ ██║ ██║ ██║ ╚██╔╝ ██║╚██╔╝██║██╔══╝ ██║╚██╗██║ ██║ +# ██████╔╝███████╗██║ ███████╗╚██████╔╝ ██║ ██║ ╚═╝ ██║███████╗██║ ╚████║ ██║ +# ╚═════╝ ╚══════╝╚═╝ ╚══════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝╚══════╝╚═╝ ╚═══╝ ╚═╝ +# +# # ╔═╗╦╔╦╗╔═╗╔═╗╔═╗ # ║ ╦║ ║ ║ ║╠═╝╚═╗ # ╚═╝╩ ╩ ╚═╝╩ ╚═╝ @@ -508,9 +1292,115 @@ description: A top savings and investment company wanted workflows and automation so that one bad actor can't brick their fleet. This way, they have to make a pull request first. quote: I don't want one bad actor to brick my fleet. I want them to make a pull request first. moreInfoUrl: https://docs.google.com/document/d/1hAQL6P--Tt3syq1MTRONAxhQA_2Vjt3oOJJt_O4xbiE/edit?disco=AAABAVnYvns&usp_dm=true#heading=h.7en766pueek4 - # ╔═╗╦═╗╔═╗╔═╗ ╦╔╗╔╔╦╗╔═╗╔═╗╦═╗╔═╗╔╦╗╦╔═╗╔╗╔╔═╗ - # ╠╣ ╠╦╝║╣ ║╣ ║║║║ ║ ║╣ ║ ╦╠╦╝╠═╣ ║ ║║ ║║║║╚═╗ - # ╚ ╩╚═╚═╝╚═╝ ╩╝╚╝ ╩ ╚═╝╚═╝╩╚═╩ ╩ ╩ ╩╚═╝╝╚╝╚═╝ +# +# ╔═╗╔═╗╦ ╔═╗ ╦ ╦╔═╗╔═╗╔╦╗╔═╗╔╦╗ +# ╚═╗║╣ ║ ╠╣───╠═╣║ ║╚═╗ ║ ║╣ ║║ +# ╚═╝╚═╝╩═╝╚ ╩ ╩╚═╝╚═╝ ╩ ╚═╝═╩╝ +- industryName: Self-hosted + friendlyName: Host it yourself + description: Deploy Fleet anywhere and host it yourself, even in air-gapped environments except where technologically impossible. + pricingTableCategories: [Deployment] + documentationUrl: https://fleetdm.com/docs/deploy/introduction + productCategories: [Endpoint operations,Device management,Vulnerability management] + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: no + buzzwords: [Self-hosted] +# +# ╔╦╗╔═╗╔═╗╦ ╔═╗╦ ╦╔╦╗╔═╗╔╗╔╔╦╗ ╔╦╗╔═╗╔═╗╦ ╔═╗ ╔╦╗╔═╗╦═╗╦═╗╔═╗╔═╗╔═╗╦═╗╔╦╗ ╦ ╦╔═╗╦ ╔╦╗ +# ║║║╣ ╠═╝║ ║ ║╚╦╝║║║║╣ ║║║ ║ ║ ║ ║║ ║║ ╚═╗ ║ ║╣ ╠╦╝╠╦╝╠═╣╠╣ ║ ║╠╦╝║║║ ╠═╣║╣ ║ ║║║ +# ═╩╝╚═╝╩ ╩═╝╚═╝ ╩ ╩ ╩╚═╝╝╚╝ ╩ ╩ ╚═╝╚═╝╩═╝╚═╝ ╩ ╚═╝╩╚═╩╚═╩ ╩╚ ╚═╝╩╚═╩ ╩┘ ╩ ╩╚═╝╩═╝╩ ╩ +- industryName: Deployment tools (Terraform, Helm) + documentationUrl: https://fleetdm.com/docs/deploy/introduction + usualDepartment: IT + tier: Free + jamfProHasFeature: no + jamfProtectHasFeature: no + productCategories: [Endpoint operations] + pricingTableCategories: [Deployment] +# +# ╔╦╗╔═╗╔╗╔╔═╗╔═╗╔═╗╔╦╗ ╔═╗╦ ╔═╗╦ ╦╔╦╗ +# ║║║╠═╣║║║╠═╣║ ╦║╣ ║║ ║ ║ ║ ║║ ║ ║║ +# ╩ ╩╩ ╩╝╚╝╩ ╩╚═╝╚═╝═╩╝ ╚═╝╩═╝╚═╝╚═╝═╩╝ +- industryName: Managed Cloud + description: Have Fleet host it for you (currently only available for customers with 700+ hosts. PS. Wish we could host for you? We're working on it! Please let us know if you know of a good partner. In the meantime, join fleetdm.com/support and we're happy to help you deploy Fleet yourself.) + pricingTableCategories: [Deployment] + productCategories: [Endpoint operations,Device management,Vulnerability management] + tier: Premium + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╔╦╗╦ ╦╦ ╔╦╗╦ ╔╦╗╔═╗╔╗╔╔═╗╔╗╔╔═╗╦ ╦ +# ║║║║ ║║ ║ ║───║ ║╣ ║║║╠═╣║║║║ ╚╦╝ +# ╩ ╩╚═╝╩═╝╩ ╩ ╩ ╚═╝╝╚╝╩ ╩╝╚╝╚═╝ ╩ +- industryName: Multi-tenancy + description: For managed service providers to use a single instance of Fleet for multiple customers. + documentationUrl: https://github.com/fleetdm/fleet/issues/9956 #customer-deebradel + productCategories: [Device management] + pricingTableCategories: [Deployment] + usualDepartment: IT + buzzwords: [OEM,Private label,House brand,Clear label,Multi-tenancy] + tier: Premium + comingSoonOn: 2024-08-26 +# +# ██╗███╗ ██╗████████╗███████╗ ██████╗ ██████╗ █████╗ ████████╗██╗ ██████╗ ███╗ ██╗███████╗ +# ██║████╗ ██║╚══██╔══╝██╔════╝██╔════╝ ██╔══██╗██╔══██╗╚══██╔══╝██║██╔═══██╗████╗ ██║██╔════╝ +# ██║██╔██╗ ██║ ██║ █████╗ ██║ ███╗██████╔╝███████║ ██║ ██║██║ ██║██╔██╗ ██║███████╗ +# ██║██║╚██╗██║ ██║ ██╔══╝ ██║ ██║██╔══██╗██╔══██║ ██║ ██║██║ ██║██║╚██╗██║╚════██║ +# ██║██║ ╚████║ ██║ ███████╗╚██████╔╝██║ ██║██║ ██║ ██║ ██║╚██████╔╝██║ ╚████║███████║ +# ╚═╝╚═╝ ╚═══╝ ╚═╝ ╚══════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═══╝╚══════╝ +# +# +# ╦═╗╔═╗╔═╗╔╦╗ ╔═╗╔═╗╦ +# ╠╦╝║╣ ╚═╗ ║ ╠═╣╠═╝║ +# ╩╚═╚═╝╚═╝ ╩ ╩ ╩╩ ╩ +- industryName: REST API + friendlyName: Automate any feature + description: + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Integrations] + usualDepartment: IT + documentationUrl: https://fleetdm.com/docs/rest-api/rest-api + screenshotSrc: + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes + dri: rachaelshaw +# +# ╦ ╦╔═╗╔╗ ╦ ╦╔═╗╔═╗╦╔═╔═╗ +# ║║║║╣ ╠╩╗╠═╣║ ║║ ║╠╩╗╚═╗ +# ╚╩╝╚═╝╚═╝╩ ╩╚═╝╚═╝╩ ╩╚═╝ +- industryName: Webhooks + friendlyName: Automations + documentationUrl: https://fleetdm.com/docs/using-fleet/automations#automations + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Integrations] + usualDepartment: IT + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: yes +# +# ╔╦╗╔═╗╔═╗╔═╗ ╔═╗╦ ╦╔╦╗╔═╗╔╦╗╔═╗╔╦╗╦╔═╗╔╗╔╔═╗ +# ║║║╣ ║╣ ╠═╝ ╠═╣║ ║ ║ ║ ║║║║╠═╣ ║ ║║ ║║║║╚═╗ +# ═╩╝╚═╝╚═╝╩ ╩ ╩╚═╝ ╩ ╚═╝╩ ╩╩ ╩ ╩ ╩╚═╝╝╚╝╚═╝ +- industryName: Deep automations + friendlyName: Trigger webhooks or run scripts + documentationUrl: https://fleetdm.com/docs/using-fleet/automations#automations + description: Fire off webhooks or run scripts on hosts when certain things happen in Fleet. + productCategories: [Endpoint operations,Device management,Vulnerability management] + pricingTableCategories: [Integrations] + comingSoonOn: 2024-06-30 + tier: Free + buzzwords: [Automated remediation,Auto-remediation,Self-healing] + waysToUse: + - description: Use policy automations to automatically remediate issues and mitigate vulnerabilities. + - description: Use osquery and santa to work around inflexibilities in proprietary MDMs and other protection solutions. + - description: Listen to webhooks to perform autonomous self-healing (cloud security engineering) + moreInfoUrl: https://www.fugue.co/blog/automated-remediation-scripts-vs.-self-healing-infrastructure-two-approaches-to-cloud-security +# +# ╦╔╗╔╔╦╗╔═╗╔═╗╦═╗╔═╗╔╦╗╦╔═╗╔╗╔╔═╗ +# ║║║║ ║ ║╣ ║ ╦╠╦╝╠═╣ ║ ║║ ║║║║╚═╗ +# ╩╝╚╝ ╩ ╚═╝╚═╝╩╚═╩ ╩ ╩ ╩╚═╝╝╚╝╚═╝ - industryName: Integrations (Tines, Snowflake, Terraform, Chronicle, Jira, Zendesk, etc) friendlyName: Borrow off-the-shelf tactics from the community documentationUrl: https://fleetdm.com/integrations @@ -542,9 +1432,10 @@ - description: (Zendesk) Automatically create Zendesk tickets in various situations. - description: (Jira) Automatically create Jira tickets in various situations, including exporting vulnerabilities to Jira and syncing tickets. buzzwords: [Snowflake,Okta,Tines,Splunk,Elastic,AWS,ActiveDirectory,Ansible,GitHub,GitLab,Chronicle,Google Cloud,Munki,Vanta,Chef,Zendesk,Jira] - # ╔═╗╦═╗╔═╗╔╦╗╦╦ ╦╔╦╗ ╦╔╗╔╔╦╗╔═╗╔═╗╦═╗╔═╗╔╦╗╦╔═╗╔╗╔╔═╗ - # ╠═╝╠╦╝║╣ ║║║║║ ║║║║ ║║║║ ║ ║╣ ║ ╦╠╦╝╠═╣ ║ ║║ ║║║║╚═╗ - # ╩ ╩╚═╚═╝╩ ╩╩╚═╝╩ ╩ ╩╝╚╝ ╩ ╚═╝╚═╝╩╚═╩ ╩ ╩ ╩╚═╝╝╚╝╚═╝ +# +# ╔═╗╦═╗╔═╗╔╦╗╦╦ ╦╔╦╗ ╦╔╗╔╔╦╗╔═╗╔═╗╦═╗╔═╗╔╦╗╦╔═╗╔╗╔╔═╗ +# ╠═╝╠╦╝║╣ ║║║║║ ║║║║ ║║║║ ║ ║╣ ║ ╦╠╦╝╠═╣ ║ ║║ ║║║║╚═╗ +# ╩ ╩╚═╚═╝╩ ╩╩╚═╝╩ ╩ ╩╝╚╝ ╩ ╚═╝╚═╝╩╚═╩ ╩ ╩ ╩╚═╝╝╚╝╚═╝ - industryName: Premium integrations (Puppet, Vanta, etc) friendlyName: Borrow off-the-shelf tactics from legendary brands documentationUrl: https://fleetdm.com/integrations @@ -560,558 +1451,10 @@ - description: (Torq) Build custom workflows that trigger in various situations. - description: (Custom IdP) Manage access to Fleet single sign-on (SSO) through any IdP (using SAML). buzzwords: [Vanta,Puppet,Custom IdP] -- industryName: Open-source issue tracker (GitHub) - documentationUrl: https://fleetdm.com/support - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Support] - tier: Free - jamfProHasFeature: no - jamfProtectHasFeature: no -- industryName: Community Slack channel - documentationUrl: https://fleetdm.com/support - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Support] - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes -- industryName: Unlimited email support (confidential) - documentationUrl: https://fleetdm.com/support - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Support] - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: yes -- industryName: Phone and video call support - documentationUrl: https://fleetdm.com/support - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Support] - tier: Premium - jamfProHasFeature: no - jamfProtectHasFeature: no -- industryName: Self-hosted - friendlyName: Host it yourself - description: Deploy Fleet anywhere and host it yourself, even in air-gapped environments except where technologically impossible. - pricingTableCategories: [Deployment] - documentationUrl: https://fleetdm.com/docs/deploy/introduction - productCategories: [Endpoint operations,Device management,Vulnerability management] - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: no - buzzwords: [Self-hosted] -- industryName: Deployment tools (Terraform, Helm) - documentationUrl: https://fleetdm.com/docs/deploy/introduction - usualDepartment: IT - tier: Free - jamfProHasFeature: no - jamfProtectHasFeature: no - productCategories: [Endpoint operations] - pricingTableCategories: [Deployment] -- industryName: Managed Cloud - description: Have Fleet host it for you (currently only available for customers with 700+ hosts. PS. Wish we could host for you? We're working on it! Please let us know if you know of a good partner. In the meantime, join fleetdm.com/support and we're happy to help you deploy Fleet yourself.) - pricingTableCategories: [Deployment] - productCategories: [Endpoint operations,Device management,Vulnerability management] - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: yes -- industryName: MDM migration # « end-user initiated MDM migration, with interactive UI - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: no - documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-migration-guide#migrate-automatically-enrolled-dep-hosts - usualDepartment: IT - productCategories: [Device management] - pricingTableCategories: [Device management] -- industryName: Enforce OS settings - description: MDM support for macOS, iOS/iPadOS, Windows, and Android (coming soon) devices. Management support for Linux. - documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-custom-os-settings - usualDepartment: IT - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: no - waysToUse: - - description: Deploy configuration profiles on macOS and Windows and verify that they're installed. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/13281 - - description: Deploy custom declaration (DDM) profiles on macOS. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/14550 - - description: Target profiles to specific hosts using SQL. Exclusions coming soon (2024-07-15) #customer-rosner - moreInfoUrl: https://github.com/fleetdm/fleet/issues/17315 - - description: Automatically re-deploy configuration profiles when they're not installed. - - description: Deploy configuration profiles on iOS/iPadOS. Coming soon (2024-07-15). - - description: See a list of the upcoming MDM commands and scripts in unified queue. Coming soon (2024-07-15) - moreInfoUrl: https://github.com/fleetdm/fleet/issues/15920 - - description: MDM commands for iOS/iPadOS are coming soon (2024-07-15). - productCategories: [Device management] - pricingTableCategories: [Device management] -- industryName: Device remediation - description: Use Fleet Policies to detect the device state. Automate remediations for issues or allow users to remediate problems in self-service. - documentationUrl: https://fleetdm.com/docs/using-fleet/fleet-desktop - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: no - usualDepartment: IT - productCategories: [Device management, Vulnerability management] - pricingTableCategories: [Device management] - waysToUse: - - description: Send software vulnerability emails to end users to encourage self-remediation. -- industryName: BYOD enrollment - description: BYOD enrollment for macOS, iOS/iPadOS (coming soon), Windows, and Android (coming soon) devices. - documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-migration-guide#migrate-manually-enrolled-hosts - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: no - usualDepartment: IT - productCategories: [Device management] - pricingTableCategories: [Device management] - waysToUse: - - description: Support ACME as a protocol for MDM certificate generation. Coming soon (2024-12-31) #customer-rosner - moreInfoUrl: https://github.com/fleetdm/fleet/issues/15611 -- industryName: Zero-touch setup - description: Zero-touch setup for macOS, iOS/iPadOS (coming soon), and Windows. - documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-macos-setup-experience - tier: Premium - jamfProHasFeature: appleOnly - jamfProtectHasFeature: no - usualDepartment: IT - productCategories: [Device management] - pricingTableCategories: [Device management] - waysToUse: - - description: Zero-touch for iOS/iPadOS is coming soon (2024-07-15). - - description: Ship a macOS workstation to the end user's home and have them automatically enroll to Fleet during out-of-the-box setup. - - description: Ship a Windows workstation to the end user's home and have them automatically enroll to Fleet during out-of-the-box setup. - - description: Customize the out-of-the-box setup experience for your end users. - - description: Install a bootstrap package to run custom scripts during the setup experience. Store the bootstrap package outside the Fleet database coming soon (2024-09-15) #customer-faltona - moreInfoUrl: https://github.com/fleetdm/fleet/issues/19037 - - description: Require end users to authenticate with your identity provider (IdP) and agree to an end user license agreement (EULA) before they can use their new workstation -- industryName: Enforce operating system (OS) updates - description: Keep operating systems up to date for macOS, iOS/iPadOS, Windows, and Android (coming soon) devices. - documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-macos-updates - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: no - usualDepartment: IT - productCategories: [Device management,Vulnerability management] - pricingTableCategories: [Device management] - waysToUse: - - description: Enforce macOS updates via Nudge. - - description: Progressively enhance from Nudge to DDM-based OS updates. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/17295 - - description: Automatically update Windows after the end user reaches a deadline. - - description: Send MDM commands to tell end users to update their OS. - moreInfoUrl: https://developer.apple.com/documentation/devicemanagement/schedule_an_os_update -- industryName: Send lock and wipe commands - documentationUrl: https://fleetdm.com/docs/using-fleet/mdm-commands - waysToUse: - - description: High-level remote lock for macOS, Windows, and Linux. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/9949 - - description: High-level remote wipe for macOS, Windows, and Linux. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/9951 - tier: Premium - jamfProHasFeature: appleOnly - jamfProtectHasFeature: no - usualDepartment: IT - productCategories: [Device management] - pricingTableCategories: [Device management] -- industryName: Application management - description: Manage updates and patches for apps on macOS, Windows, and Linux computers. - tier: Premium - jamfProHasFeature: appleOnly - jamfProtectHasFeature: no - comingSoonOn: 2024-07-15 - usualDepartment: IT - productCategories: [Device management] - pricingTableCategories: [Device management] - moreInfoUrl: https://github.com/fleetdm/fleet/issues/18865 -- industryName: Self service application installation - description: Allow end users to install apps through Fleet Desktop for macOS, Linux, and Windows. - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: no - usualDepartment: IT - productCategories: [Device management] - pricingTableCategories: [Device management] - moreInfoUrl: https://github.com/fleetdm/fleet/issues/17587 -- industryName: Software inventory - documentationUrl: https://fleetdm.com/docs/get-started/anatomy#software-library - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: no - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - waysToUse: - - description: Implement software inventory recommendations from the SANS 20 / CIS 18. - moreInfoUrl: https://docs.google.com/document/d/1E6EQMMqrsRc6Z3YsR6Q33OaF9eAa8zLNaz4K2YzFdyo/edit#heading=h.7en766pueek4 - - description: View a list of all software and their versions installed on all your hosts. - - description: View a list of software rolled up by title. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/14674 -- industryName: Hardware inventory - documentationUrl: https://fleetdm.com/tables/system_info - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: no - waysToUse: - - description: Implement hardware and infrastructure inventory recommendations from the SANS 20 / CIS 18. - moreInfoUrl: https://docs.google.com/document/d/1E6EQMMqrsRc6Z3YsR6Q33OaF9eAa8zLNaz4K2YzFdyo/edit#heading=h.7en766pueek4 -- industryName: Device inventory dashboard - documentationUrl: - productCategories: [Endpoint operations,Device management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes -- industryName: Browse installed software packages - documentationUrl: https://fleetdm.com/docs/rest-api/rest-api#software - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: no -- industryName: Search devices by IP, serial, hostname, UUID - documentationUrl: https://fleetdm.com/docs/rest-api/rest-api#hosts - productCategories: [Endpoint operations,Device management] - pricingTableCategories: [Endpoint operations] - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes -- industryName: Labels (SQL-driven) - documentationUrl: https://fleetdm.com/docs/rest-api/rest-api#add-label - friendlyName: Filter hosts using SQL - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - tier: Free - jamfProHasFeature: no - jamfProtectHasFeature: no -- industryName: Device inventory - description: The device inventory allows help desk technicians to view custom device data. - documentationUrl: https://fleetdm.com/securing/end-user-self-remediation#set-your-enforcement-standards - moreInfoUrl: https://github.com/fleetdm/fleet/issues/14415 - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes - usualDepartment: IT - productCategories: [Endpoint operations,Device management] - pricingTableCategories: [Device management] -- industryName: Baselines (device groups) - friendlyName: Manage different endpoints differently - documentationUrl: https://fleetdm.com/docs/using-fleet/segment-hosts - description: Set baselines and strategies for hosts in different situations called "teams", and move hosts between them via API-driven automations or a simple, delegatable user interface with role-based access. - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: yes - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - waysToUse: - - description: Automate remediation for different applications with different security postures (cloud security engineering) -- industryName: Generate reports for groups of devices - documentationUrl: https://fleetdm.com/docs/rest-api/rest-api#get-query-report - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: yes -- industryName: Versionable queries and config (GitOps) - documentationUrl: https://fleetdm.com/guides/using-github-actions-to-apply-configuration-profiles-with-fleet#basic-article - tier: Free - jamfProHasFeature: no - jamfProtectHasFeature: no - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - demos: - - description: A top financial services company needed to set up rolling deployments for changes to osquery agents running on their production servers. - moreInfoUrl: https://docs.google.com/document/d/1UdzZMyBLbs9SUXfSXN2x2wZQCbjZZUetYlNWH6-ryqQ/edit#heading=h.2lh6ehprpvl6 -- industryName: Scope transparency - tier: Free - documentationUrl: https://fleetdm.com/transparency - productCategories: [Endpoint operations] - pricingTableCategories: [Endpoint operations] -- industryName: Single sign on (SSO, SAML) - documentationUrl: https://fleetdm.com/docs/deploy/single-sign-on-sso#single-sign-on-sso - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes -- industryName: Two-factor authentication - moreInfoUrl: https://github.com/fleetdm/fleet/issues/5478 - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes - waysToUse: - - description: Enforce two-factor authentication when logging in to Fleet for added security. - comingSoonOn: 2024-12-31 #customer-rosner -- industryName: Enforce disk encryption - documentationURL: https://fleetdm.com/docs/using-fleet/mdm-disk-encryption - friendlyName: Ensure hard disks are encrypted - productCategories: [Device management] - pricingTableCategories: [Device management] - usualDepartment: Security - description: Encrypt hard disks of macOS and Windows computers, manage escrowed encryption keys, and report on disk encryption status (FileVault, BitLocker). - tier: Premium - jamfProHasFeature: appleOnly - jamfProtectHasFeature: no - waysToUse: - - description: Report on disk encryption status - - description: Encrypt hard disks on macOS with FileVault - - description: Escrow FileVault keys on macOS - - description: Encrypt hard disks on Windows with BitLocker. -- industryName: Grant API-only access - documentationUrl: https://fleetdm.com/docs/using-fleet/fleetctl-cli#using-fleetctl-with-an-api-only-user - productCategories: [Endpoint operations] - pricingTableCategories: [Endpoint operations] - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes -- industryName: Audit log of activity (queries, scripts, logins, etc) - documentationUrl: https://fleetdm.com/docs/rest-api/rest-api#list-activities - productCategories: [Endpoint operations, Device management] - pricingTableCategories: [Endpoint operations] - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: yes - usualDepartment: Security - waysToUse: - - description: Export activity of Fleet admins to your SIEM or data lake -- industryName: Just-in-time (JIT) provisioning - documentationUrl: https://fleetdm.com/docs/deploy/single-sign-on-sso#just-in-time-jit-user-provisioning - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: no -- industryName: System for Cross-domain Identity Management (SCIM) provisioning - moreInfoUrl: https://github.com/fleetdm/fleet/issues/15671 - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - tier: Premium - comingSoonOn: 2024-12-31 #customer-rosner -- industryName: User account sync - description: Sync user accounts via Okta, AD, or any IDP. - documentationUrl: - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Device management] - usualDepartment: IT - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: yes - waysToUse: - - description: Automatically set admin access to Fleet based on your IDP -- industryName: Multi-tenancy - description: For managed service providers to use a single instance of Fleet for multiple customers. - documentationUrl: https://github.com/fleetdm/fleet/issues/9956 #customer-deebradel - productCategories: [Device management] - pricingTableCategories: [Deployment] - usualDepartment: IT - buzzwords: [OEM,Private label,House brand,Clear label,Multi-tenancy] - tier: Premium - comingSoonOn: 2024-08-26 -- industryName: Trigger a workflow based on a failing policy - documentationUrl: https://fleetdm.com/docs/using-fleet/automations#policy-automations - productCategories: [Endpoint operations,Device management] - pricingTableCategories: [Integrations] - usualDepartment: IT - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: no -- industryName: Role-based access control - documentationUrl: https://fleetdm.com/docs/using-fleet/manage-access#manage-access - productCategories: [Endpoint operations,Device management,Vulnerability management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: yes -# ╦═╗╦╔═╗╦╔═ ╔╗ ╔═╗╔═╗╔═╗╔╦╗ ╦ ╦╦ ╦╦ ╔╗╔╔═╗╦═╗╔═╗╔╗ ╦╦ ╦╔╦╗╦ ╦ ╔╦╗╔═╗╔╗╔╔═╗╔═╗╔═╗╔╦╗╔═╗╔╗╔╔╦╗ -# ╠╦╝║╚═╗╠╩╗───╠╩╗╠═╣╚═╗║╣ ║║ ╚╗╔╝║ ║║ ║║║║╣ ╠╦╝╠═╣╠╩╗║║ ║ ║ ╚╦╝ ║║║╠═╣║║║╠═╣║ ╦║╣ ║║║║╣ ║║║ ║ -# ╩╚═╩╚═╝╩ ╩ ╚═╝╩ ╩╚═╝╚═╝═╩╝ ╚╝ ╚═╝╩═╝╝╚╝╚═╝╩╚═╩ ╩╚═╝╩╩═╝╩ ╩ ╩ ╩ ╩╩ ╩╝╚╝╩ ╩╚═╝╚═╝╩ ╩╚═╝╝╚╝ ╩ -- industryName: Continuous scanning - friendlyName: Detect vulnerable software - documentationUrl: https://fleetdm.com/vulnerability-management - productCategories: [Vulnerability management] - pricingTableCategories: [Vulnerability management] - usualDepartment: Security - tier: Free - jamfProHasFeature: no - jamfProtectHasFeature: yes - buzzwords: [Stakeholder-specific vulnerability categorization (SSVC),Continuous scanning,Continuous vulnerability scanning,Risk-based vulnerability management] - waysToUse: - - description: 'Use an SSVC decision tree model to prioritize relevant vulnerabilities into four possible decisions: "Track", "Track*", "Attend", and "Act".' - moreInfoUrl: https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc - - description: 'Balint Fazakas: I think what offers a better use of CVSS if you break it down to vectors. You may find that a DoS (High Availability Impact) not as relevant for you, or equally a vulnerability requiring user interaction has a very low likelihood of exploit in another scenario. If you want to fine tune your SSVC, it worth using the vectors you care about instead of the score itself. But ultimately you would want to read the description of the vulnerabilities to determine the risk they are posing to your environment. SSVC can assist you to do that in a more efficient way.' - moreInfoUrl: https://www.linkedin.com/feed/update/urn:li:activity:7162614115025215488?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A7162614115025215488%2C7162681703918985216%29&dashCommentUrn=urn%3Ali%3Afsd_comment%3A%287162681703918985216%2Curn%3Ali%3Aactivity%3A7162614115025215488%29 - - description: 'Melissa Bischoping: CVSS is never enough to contextualize the urgency or risk of a vulnerability in your environment. It is one metric that needs to be part of an overall risk calculus, but a CVSS of 6 can be a greater threat in your organization than a CVSS of 10 based on the environmental variables and mitigations. Only two 10.0s here, but several lower severity that are resulting in high-impact breaches. Getting a handle on managing that public facing infrastructure and being able to rapidly patch the apps and devices with such exposure needs to be part of an overall plan, but must go hand in hand with mitigations and layers of a zero trust design. CVSS isn’t the sole determination of risk, it’s only one partial piece of data to understand the impact of a vulnerability if exploited.' - moreInfoUrl: https://www.linkedin.com/feed/update/urn:li:activity:7162614115025215488?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A7162614115025215488%2C7162629486344159232%29&dashCommentUrn=urn%3Ali%3Afsd_comment%3A%287162629486344159232%2Curn%3Ali%3Aactivity%3A7162614115025215488%29 - demos: - - description: A top gaming company wanted to replace Qualys for infrastructure vulnerability detection. - quote: So we have some stuff today through Qualys, but it's just not very good. A lot of it is...it's just really noisy. I'm trying to find out specifically, actually what packages are installed where, and then the ability to live query them. - moreInfoUrl: https://docs.google.com/document/d/1JWtRsW1FUTCkZEESJj9-CvXjLXK4219by-C6vvVVyBY/edit - - description: One of the world's largest, top transportation companies uses Fleet's API to email relevant, actually-installed vulnerabilities to responsible teams so they can fix them. - moreInfoUrl: https://docs.google.com/document/d/1oeCmT077o_5nxzLhnxs7kcg_4Qn1Pn1F5zx10nQOAp8/edit -# ╦ ╦╦ ╦╦ ╔╗╔╔═╗╦═╗╔═╗╔╗ ╦╦ ╦╔╦╗╦ ╦ ╔╦╗╔═╗╔═╗╦ ╦╔╗ ╔═╗╔═╗╦═╗╔╦╗ -# ╚╗╔╝║ ║║ ║║║║╣ ╠╦╝╠═╣╠╩╗║║ ║ ║ ╚╦╝ ║║╠═╣╚═╗╠═╣╠╩╗║ ║╠═╣╠╦╝ ║║ -# ╚╝ ╚═╝╩═╝╝╚╝╚═╝╩╚═╩ ╩╚═╝╩╩═╝╩ ╩ ╩ ═╩╝╩ ╩╚═╝╩ ╩╚═╝╚═╝╩ ╩╩╚══╩╝ -- industryName: Vulnerability dashboard - friendlyName: Vulnerability dashboard - documentationUrl: https://fleetdm.com/vulnerability-management - productCategories: [Vulnerability management] - pricingTableCategories: [Vulnerability management] - usualDepartment: Security - tier: Premium - jamfProHasFeature: no - jamfProtectHasFeature: yes - demos: - - description: See a list of all vulnerabilities across your hosts. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/15919 - - description: AI generated CVSS v4 context. Coming soon (2024-12-31). - waysToUse: - - description: Easily communicate to executives regarding the progress of patching vulnerable software. Only show vulnerabilities that you care about. -# ╦ ╦╦ ╦╦ ╔╗╔╔═╗╦═╗╔═╗╔╗ ╦╦ ╦╔╦╗╦ ╦ ╔═╗╔═╗╔═╗╦═╗╔═╗╔═╗ ╔═╗╔═╗╔═╗╔═╗ ╔═╗╔╗╔╔╦╗ ╔═╗╦ ╦╔═╗╔═╗ -# ╚╗╔╝║ ║║ ║║║║╣ ╠╦╝╠═╣╠╩╗║║ ║ ║ ╚╦╝ ╚═╗║ ║ ║╠╦╝║╣ ╚═╗ ─── ║╣ ╠═╝╚═╗╚═╗ ╠═╣║║║ ║║ ║ ╚╗╔╝╚═╗╚═╗ -# ╚╝ ╚═╝╩═╝╝╚╝╚═╝╩╚═╩ ╩╚═╝╩╩═╝╩ ╩ ╩ ╚═╝╚═╝╚═╝╩╚═╚═╝╚═╝ ╚═╝╩ ╚═╝╚═╝ ╩ ╩╝╚╝═╩╝ ╚═╝ ╚╝ ╚═╝╚═╝ -- industryName: Vulnerability scores (EPSS and CVSS) - documentationUrl: https://fleetdm.com/vulnerability-management - tier: Premium - jamfProHasFeature: no - jamfProtectHasFeature: yes - usualDepartment: Security - productCategories: [Vulnerability management] - pricingTableCategories: [Vulnerability management] - buzzwords: [Risk scores,Cyber risk,Risk reduction,Security operations effectiveness,Peer benchmarking,Security program effectiveness,Risk-based exposure scoring,Threat context,Cyber exposure,Exposure quantification and benchmarking,Optimize security investments,Vulnerability assessment] - demos: - - description: Fleet enables a more modern, threat-first prioritization approach to vulnerability management. - quote: In reality, across our inventory of devices, it's unlikely to ever be exploited. I'd rather do that legwork on my team and then go and ask and prioritize work on these infrastructure teams that are already busy with things that could or could not be vulnerable. Being able to be more exact allows us to go to these teams less, which saves everybody time. - moreInfoUrl: https://www.youtube.com/watch?v=G5Ry_vQPaYc&t=131s - waysToUse: - - description: By leveraging EPSS (Exploit Prediction Scoring System), security professionals gain insight on the true risk behind rated CVEs. - - description: An Introduction to EPSS, The Exploit Prediction Scoring System - - moreInfoUrl: https://www.youtube.com/watch?v=vw1RlZCSRcQ - - description: By extracting metadata from the National Vulnerability Database (NVD) and Microsoft Security Response Center (MSRC), we can determine which version of software is no longer vulnerable. -# ╔═╗╦╔═╗╔═╗ ╦╔═╔═╗╦ ╦╔═╗ -# ║ ║╚═╗╠═╣ ╠╩╗║╣ ╚╗╔╝╚═╗ -# ╚═╝╩╚═╝╩ ╩ ╩ ╩╚═╝ ╚╝ ╚═╝ -- industryName: CISA KEVs (known exploited vulnerabilities) - documentationUrl: https://fleetdm.com/vulnerability-management - tier: Premium - jamfProHasFeature: no - jamfProtectHasFeature: yes - usualDepartment: Security - productCategories: [Vulnerability management] - pricingTableCategories: [Vulnerability management] - demos: - - description: - moreInfoUrl: - waysToUse: - - description: Help teams work on vulnerabilities that have actually been exploited (CISA KEVs) or have a high probability of being exploited (EPSS), or whatever is important in your environment. - - description: Use CISA KEVs for vulnerability management - - moreInfoUrl: https://www.youtube.com/watch?v=Z3mw2oxssYk -- industryName: Query performance monitoring - documentationUrl: https://fleetdm.com/docs/get-started/faq#will-fleet-slow-down-my-servers-what-about-my-employee-laptops - tier: Free - jamfProHasFeature: no - jamfProtectHasFeature: no - productCategories: [Endpoint operations] - pricingTableCategories: [Endpoint operations] - demos: - - description: A top software company needed to understand the performance impact of osquery queries before running them on all of their production Linux servers. - moreInfoUrl: https://docs.google.com/document/d/1WzMc8GJCRU6tTBb6gLsSTzFysqtXO8CtP2sXMPKgYSk/edit?disco=AAAA6xuVxGg - - description: A top software company wanted to detect regressions when adding/changing queries and fail builds if queries were too expensive. - moreInfoUrl: https://docs.google.com/document/d/1WzMc8GJCRU6tTBb6gLsSTzFysqtXO8CtP2sXMPKgYSk/edit?disco=AAAA6xuVxGg - waysToUse: - - description: Monitor performance for automated queries. - - description: Monitor performance for live queries. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/467 -- industryName: Detect and surface issues with devices (policies) - documentationUrl: https://fleetdm.com/docs/get-started/anatomy#policy - productCategories: [Endpoint operations,Device management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes -- industryName: Policy scoring - documentationUrl: - friendlyName: Mark policies as critical - productCategories: [Endpoint operations,Device management] - pricingTableCategories: [Endpoint operations] - usualDepartment: IT - tier: Premium - jamfProHasFeature: no - jamfProtectHasFeature: no - waysToUse: - - description: Block access to corporate apps if your end users are failing a specific number of critical policies. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/16206 -- industryName: Flexible log destinations (AWS Kinesis, Lambda, GCP, Kafka) - documentationUrl: https://fleetdm.com/docs/using-fleet/log-destinations#log-destinations - tier: Free - jamfProHasFeature: yes - jamfProtectHasFeature: yes - usualDepartment: Security - productCategories: [Endpoint operations] - pricingTableCategories: [Endpoint operations] - buzzwords: [Real-time export,Ship logs] -- industryName: File carving (AWS S3) - documentationUrl: https://fleetdm.com/docs/configuration/fleet-server-configuration#s-3-file-carving-backend - tier: Free - jamfProHasFeature: no - jamfProtectHasFeature: no - usualDepartment: Security - productCategories: [Endpoint operations] - pricingTableCategories: [Endpoint operations] -- industryName: Asset discovery - documentationUrl: - tier: Premium - comingSoonOn: 2024-06-30 - usualDepartment: Security - productCategories: [Vulnerability management] - pricingTableCategories: [Vulnerability management] -- industryName: Cross-platform MDM support (macOS, Windows, Linux) - tier: Premium - jamfProHasFeature: appleOnly - jamfProtectHasFeature: no - usualDepartment: IT - productCategories: [Device management] - pricingTableCategories: [Device management] -- industryName: Apple Declarative Device Management (DDM) support for Configuration Profiles - tier: Premium - jamfProHasFeature: cloudOnly - jamfProtectHasFeature: cloudOnly - usualDepartment: IT - productCategories: [Device management] - pricingTableCategories: [Device management] -- industryName: Targeted device scoping - description: Organize devices with Teams and Labels. - tier: Premium - jamfProHasFeature: yes - jamfProtectHasFeature: yes - usualDepartment: IT - productCategories: [Device management] - pricingTableCategories: [Device management] -- industryName: Application deployment - description: Deploy applications and security agents on macOS, iOS/iPadOS, Linux, Windows, and Android (coming soon) devices. Additionally, install macOS and iOS/iPadOS apps from the App Store. - tier: Premium - jamfProHasFeature: appleOnly - jamfProtectHasFeature: no - waysToUse: - - description: Easily configure and install SentinelOne, Crowdstrike, and other security tools. - moreInfoUrl: https://github.com/fleetdm/fleet/issues/14921 - - description: Offer licenses for Photoshop and other App Sore apps for your end users. - - description: macOS coming soon (2024-07-15). #customer-rosner - moreInfoUrl: https://github.com/fleetdm/fleet/issues/18867 - - description: iOS/iPadOS coming soon (2024-08-11). - moreInfoUrl: https://github.com/fleetdm/fleet/issues/14899 - usualDepartment: IT - productCategories: [Device management] - pricingTableCategories: [Device management] +# +# ╔╦╗╦ ╦╔╗╔╦╔═╦ ╔═╗╔═╗╔╦╗╔═╗╔═╗╔╦╗╦╔╗ ╦╦ ╦╔╦╗╦ ╦ ╦╔╗╔╔╦╗╔═╗╔═╗╦═╗╔═╗╔╦╗╦╔═╗╔╗╔ +# ║║║║ ║║║║╠╩╗║ ║ ║ ║║║║╠═╝╠═╣ ║ ║╠╩╗║║ ║ ║ ╚╦╝ ║║║║ ║ ║╣ ║ ╦╠╦╝╠═╣ ║ ║║ ║║║║ +# ╩ ╩╚═╝╝╚╝╩ ╩╩ ╚═╝╚═╝╩ ╩╩ ╩ ╩ ╩ ╩╚═╝╩╩═╝╩ ╩ ╩ ╩╝╚╝ ╩ ╚═╝╚═╝╩╚═╩ ╩ ╩ ╩╚═╝╝╚╝ - industryName: Munki compatibility / integration tier: Premium jamfProHasFeature: yes @@ -1119,3 +1462,18 @@ usualDepartment: IT productCategories: [Device management] pricingTableCategories: [Integrations] +# +# ╔╦╗╦═╗╦╔═╗╔═╗╔═╗╦═╗ ╔═╗ ╦ ╦╔═╗╦═╗╦╔═╔═╗╦ ╔═╗╦ ╦ ╔╗ ╔═╗╔═╗╔═╗╔╦╗ ╔═╗╔╗╔ ╔═╗ +# ║ ╠╦╝║║ ╦║ ╦║╣ ╠╦╝ ╠═╣ ║║║║ ║╠╦╝╠╩╗╠╣ ║ ║ ║║║║ ╠╩╗╠═╣╚═╗║╣ ║║ ║ ║║║║ ╠═╣ +# ╩ ╩╚═╩╚═╝╚═╝╚═╝╩╚═ ╩ ╩ ╚╩╝╚═╝╩╚═╩ ╩╚ ╩═╝╚═╝╚╩╝ ╚═╝╩ ╩╚═╝╚═╝═╩╝ ╚═╝╝╚╝ ╩ ╩ +# ╔═╗╔═╗╦╦ ╦╔╗╔╔═╗ ╔═╗╔═╗╦ ╦╔═╗╦ ╦ +# ╠╣ ╠═╣║║ ║║║║║ ╦ ╠═╝║ ║║ ║║ ╚╦╝ +# ╚ ╩ ╩╩╩═╝╩╝╚╝╚═╝ ╩ ╚═╝╩═╝╩╚═╝ ╩ +- industryName: Trigger a workflow based on a failing policy + documentationUrl: https://fleetdm.com/docs/using-fleet/automations#policy-automations + productCategories: [Endpoint operations,Device management] + pricingTableCategories: [Integrations] + usualDepartment: IT + tier: Free + jamfProHasFeature: yes + jamfProtectHasFeature: no \ No newline at end of file diff --git a/website/api/controllers/view-pricing.js b/website/api/controllers/view-pricing.js index 867fecbcdd..e3c914e0ae 100644 --- a/website/api/controllers/view-pricing.js +++ b/website/api/controllers/view-pricing.js @@ -29,7 +29,7 @@ module.exports = { let pricingTable = []; - let pricingTableCategories = ['Support', 'Deployment', 'Integrations','Device management', 'Endpoint operations', 'Vulnerability management']; + let pricingTableCategories = ['Deployment', 'Device management', 'Endpoint operations', 'Vulnerability management', 'Integrations', 'Support']; for(let category of pricingTableCategories) { // Get all the features in that have a pricingTableFeatures array that contains this category. let featuresInThisCategory = _.filter(pricingTableFeatures, (feature)=>{ @@ -38,9 +38,7 @@ module.exports = { // Build a dictionary containing the category name, and all features in the category, sorting premium features to the bottom of the list. let allFeaturesInThisCategory = { categoryName: category, - features: _.sortBy(featuresInThisCategory, (feature)=>{ - return feature.tier !== 'Free'; - }) + features: featuresInThisCategory, }; // Add the dictionaries to the arrays that we'll use to build the features table. pricingTable.push(allFeaturesInThisCategory); @@ -65,7 +63,7 @@ module.exports = { let pricingTableForIt = _.filter(pricingTable, (category)=>{ return category.categoryName !== 'Vulnerability management' && (category.usualDepartment === 'Security' || category.usualDepartment === undefined); }); - let categoryOrderForITPricingTable = ['Device management', 'Support', 'Deployment', 'Integrations', 'Endpoint operations']; + let categoryOrderForITPricingTable = [ 'Deployment','Device management', 'Endpoint operations', 'Integrations', 'Support']; // Sort the IT-focused pricing table from the order of the elements in the categoryOrderForITPricingTable array. pricingTableForIt.sort((a, b)=>{ // If there is a category that is not in the list above, sort it to the end of the list.