// the find
fleetdm/fleet
Open device management
Fleet is an open-source device management platform built on osquery and nanoMDM, letting IT and security teams query, patch, and enforce policy across Linux, macOS, Windows, iOS, and Android from a single server. It's a serious alternative to Jamf or Kandji if you want GitOps-style config, a real API, and the ability to actually see what's happening on endpoints rather than just pushing profiles. The target audience is ops/security teams at companies with 100–100,000+ devices who are tired of closed-box MDM vendors.
The osquery foundation is genuinely useful — you can write SQL against live device state and get answers in seconds, which beats the polling model most MDMs use. GitOps support is first-class, not bolted on: YAML config files, fleetctl, and webhook events mean your device policy can live in version control and get reviewed like code. Linux support is treated as a real platform, not an afterthought — same visibility and MDM primitives as macOS and Windows. The free tier is MIT-licensed with no feature artificial limits, and the company handbook being public gives you more signal on longevity than most open-source-adjacent vendors provide.
Self-hosting the Fleet server is non-trivial — you need MySQL, Redis, and S3-compatible storage, plus careful sizing at scale; the 400k-host deployments mentioned aren't running on a single $20 VPS. Mobile (iOS/Android) MDM is behind the commercial license for anything beyond basic enrollment, so if mobile is your primary use case, the open-source version won't get you far. The React frontend is large and the UI can lag behind the API — some queries and features are CLI/API-first and never get a UI counterpart. osquery's schema coverage varies by OS and some tables are macOS-only, which can bite you if you assume parity across platforms without checking the table reference.