Hi there we are trying to use osquery to check employee lapt

Question

Hi there we are trying to use osquery to check employee laptops for encryption and checking inventory Here is the catch we want to do it for another company their team uses macos We thought of setting up a fleet on our servers using fleetdm Question is there an easy way to launch osquery on the employee laptops and avoid becoming identified developer for apple in case of app download Would be great if they could just download a pkg file I heard it takes time to get verified and it s not really in scope for us

seph · Answer

Generally speaking macOS won t install an unsigned pkg

seph · Answer

So you might be able to use a vendor with appropriately signed pkg files Use the osquery ones and distribute configuration outside it Get your own certs and sign pkgs that bundle osquery and configs FYI I think it s pretty fast to get apple developer accounts I don t remember long delays

seph · Answer

Might be other ways Kinda depends on where you want to spend time

Grigory Emelianov · Answer

Hey seph thanks We thought it will take months to get approve to apple store But I will try now and see how it goes

Mystery Incorporated · Answer

Isn t the official osquery package signed I just downloaded it from <http osquery io|osquery io> and installed it on my mac no problem and didn t have to sign it

seph · Answer

It takes months to get endpoint security credentials But you don t need those

seph · Answer

Yes the official packages are signed TBH they would be useful if they weren t