Elastic fleet is a dashboard made for Digital Security Specialists (DSSs) to monitor devices running Windows and macOS. It lets DSSs see when a partner has fallen off the cyber security wagon by reporting whether:
- Firewall is enabled
- Disk-encryption is enabled
- Screen lock is enabled
- Automatic updates are enabled
- Remote login is disabled
- The device is authentication-protected
- A password manager is installed
This work was sponsored by the ISC Project.
The goal of this project is to have a functioning endpoint management solution. The endpoints are monitored using osquery, wrapped in Kolide's launcher.
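The checks listed above map naturally onto osquery tables. The queries below are an added illustration, not the queries shipped in this repository; each is written so that it returns a row only when the device passes the check. Assumptions: the Windows system drive is `C:`, and the password manager names in the last query are placeholders for whatever the DSS actually recommends.

```sql
-- Added example: posture queries for some of the checks in the list above.
-- Convention used here (an assumption, not this project's): a row back = check passed.

-- macOS: application firewall enabled.
-- alf.global_state: 0 = off, 1 = on, 2 = on and blocking all incoming connections.
SELECT global_state FROM alf WHERE global_state >= 1;

-- Windows: firewall and automatic updates, as reported by Windows Security Center.
SELECT firewall, autoupdate
FROM windows_security_center
WHERE firewall = 'Good' AND autoupdate = 'Good';

-- macOS: at least one encrypted volume is present.
SELECT name, type FROM disk_encryption WHERE encrypted = 1;

-- Windows: BitLocker protection is on for the system drive.
-- protection_status: 0 = off, 1 = on. 'C:' is an assumed drive letter.
SELECT drive_letter, encryption_method
FROM bitlocker_info
WHERE drive_letter = 'C:' AND protection_status = 1;

-- macOS: screen lock enabled (reported per user context).
SELECT enabled, grace_period FROM screenlock WHERE enabled = 1;

-- macOS: remote login (SSH) disabled in Sharing preferences.
SELECT remote_login FROM sharing_preferences WHERE remote_login = 0;

-- macOS: a password manager is installed.
-- The application names are illustrative placeholders.
SELECT name, bundle_short_version
FROM apps
WHERE name IN ('KeePassXC.app', '1Password.app', 'Bitwarden.app');
```

A query that returns no rows means either a failed check or a table that does not exist on that platform, so scope each query to the operating system it targets when scheduling it.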
This repository is (mostly) a helm chart containing:
- Kolide Fleet
- Elasticsearch
- Kibana
- ElastAlert - We use a custom image to allow editing alerts from the Kibana UI
Agent:
Find the documentation here.