Fleet MDM replaces Microsoft Intune with osquery-powered telemetry, cross-platform MDM profiles, automated remediation, and SQL-based endpoint querying -- all without per-device licensing.
Fleet is the open-source device management platform built on osquery, the endpoint agent created at Facebook and used by the world's largest organizations. Fleet provides real-time visibility and control across Windows, macOS, and Linux from a single dashboard.
Where Intune relies on periodic check-ins that can take hours to reflect device state, Fleet uses osquery's live SQL querying to answer questions about your endpoints in seconds. Want to know which devices have disk encryption disabled? Which laptops are running outdated browsers? Which servers have a specific vulnerability? Write a SQL query and get answers across your entire fleet in under 30 seconds.
Fleet also provides native MDM capabilities: configuration profiles for macOS and Windows, software deployment, automated compliance remediation, and integration with Apple Business Manager for zero-touch enrollment. It is the only platform that combines the depth of osquery telemetry with the control of traditional MDM.
Last updated:
SQL-based live queries across your entire fleet. Get answers about device state, installed software, running processes, and security posture in seconds, not hours.
Native MDM profiles for macOS and Windows. Configuration management, Wi-Fi/VPN profiles, disk encryption enforcement, and OS update policies from one console.
Define compliance checks as osquery policies: disk encryption, firewall, OS version, screen lock, and custom checks. Non-compliant devices trigger alerts or automated remediation.
Deploy software packages across platforms: .pkg/.dmg for macOS, .msi/.exe for Windows, .deb/.rpm for Linux. Version enforcement and automated updates.
Fleet scans installed software against CVE databases and flags vulnerable packages. Integrated with the NVD, it identifies which devices need patching before attackers exploit them.
Manage Fleet configuration as code. Policies, queries, and MDM profiles stored in Git. Changes reviewed via pull requests, applied automatically. Infrastructure as code for your fleet.
Fleet is an open-source device management platform built on osquery, the endpoint agent originally created by Facebook. While Intune focuses on Microsoft-centric MDM with policy deployment, Fleet provides real-time SQL-based querying of endpoint state, cross-platform MDM profiles, automated remediation scripts, and software deployment. Fleet reports device state in seconds rather than the hours Intune often takes.
Yes. Fleet is truly cross-platform. It manages macOS (with native MDM profiles via APNs), Windows (with MDM enrollment and osquery), and Linux (with osquery agent). All three platforms are managed from a single dashboard with consistent policy enforcement. Fleet also supports ChromeOS for basic inventory.
Yes. Fleet uses osquery policies to define compliance checks -- disk encryption enabled, OS version current, firewall active, screen lock configured, and more. Non-compliant devices are flagged in the dashboard and can trigger automated remediation scripts. Fleet integrates with Keycloak (FreedomStack identity) to enforce access decisions based on device compliance.
Fleet supports software deployment for all platforms. On macOS, it can deploy .pkg and .dmg installers. On Windows, it supports .msi and .exe packages. On Linux, it supports .deb and .rpm packages. Fleet also integrates with package managers and can enforce specific software versions across the fleet.
Fleet supports Apple Business Manager (ABM) integration for zero-touch macOS enrollment. Devices ship directly to employees and automatically enroll in Fleet MDM on first boot. For Windows, Fleet supports MDM discovery-based enrollment. Linux devices enroll via agent installation scripts that can be pre-baked into images.
We'll analyze your current Intune setup, show you what Fleet looks like for your device fleet, and map out a migration plan. No obligation.