https://github.com/osquery/osquery logo
#kolide
Title
# kolide
e

Erich Stoekl

04/23/2020, 9:20 PM
Hi Folks. I was wondering, what is the risk of a data leak of the Fleet Enrollment secret? What would a malicious actor be able to do with that information? It seems that only being able to connect their agents to the Fleet server would not be especially bad
s

sundsta

04/23/2020, 9:22 PM
Potential DoS if your logging platform has ingestion limits.
e

Erich Stoekl

04/23/2020, 9:23 PM
That's true. Is there an easy way to rotate the enrollment secret?
z

zwass

04/23/2020, 9:49 PM
+1 to @sundsta, I generally feel that the enrollment secret is not that sensitive. You can set it yourself on the admin/settings page or with fleetctl.
3 Views