Has anyone been successful getting an endpoint security entitlement from apple? I’d love to implement the new tables without disabling SIP but reached out to someone there and got the usual “sorry, no idea how long this will take” response. Really happy to have paid my $99 to have no SLA on getting an entitlement

osquery has an entitlement, and 5.0 will ship with it signed in place.

oooo nice. mind if i ask how long it took from apply → approval?

I have personally gotten the entitlement (on my personal dev account), after about 14 months -- they only granted a "development" version of it lol. On work and osquery foundation, I think having the DUNS number helped, it was ~2-4 months time, IIRC

lol holy shit

and as Seph mentioned, we currently have an entitlement, and 5.0.0 will ship with endpointsecurity table!

do you have to supply them with source code or?

Looks like I requested in in July of 2020, and it was granted in October.

nope, but they basically wanted a short "essay" on why you need it, I just pointed it to my github where I have contributed to osquery before

I wrote

osquery is an open source endpoint agent. It presents a sql-like interface to underlying OS apis. We're beginning to add support for the Endpoint Security API

and linked to the osquery website.

lol sounds absolutely foolproof for them 😛 surely no one could lie! thanks for the info, I guess I’ll set a reminder for myself for 4-6 months

If it’s stock osquery you want, you;ll have it “soon”. But I realize you might want more

yeah im actually also writing an app in my spare time that requires it 😕 but at least i can test the osquery parts soon!

@clong and to add insult to injury they charge you for the "privilege" 🤪

Yep. I actually had to contact support to get the privilege of spending $99 because my enrollment kept erroring out lol