Title
#kolide
Erich Stoekl

Erich Stoekl

04/23/2020, 9:20 PM
Hi Folks. I was wondering, what is the risk of a data leak of the Fleet Enrollment secret? What would a malicious actor be able to do with that information? It seems that only being able to connect their agents to the Fleet server would not be especially bad
sundsta

sundsta

04/23/2020, 9:22 PM
Potential DoS if your logging platform has ingestion limits.
Erich Stoekl

Erich Stoekl

04/23/2020, 9:23 PM
That's true. Is there an easy way to rotate the enrollment secret?
zwass

zwass

04/23/2020, 9:49 PM
+1 to @sundsta, I generally feel that the enrollment secret is not that sensitive. You can set it yourself on the admin/settings page or with fleetctl.