Comment by hparadiz

Kolide admin provides a web UI for osquery so you can query things. It allows remote osquery queries but not remote code execution. You generally pair it with CrowdStrike Falcon.

Kolide does a spot check like "is falcon sensor running" but if the user logs in, has the session token created, and then disables whatever the session token would still be valid.

Also Kolide doesn't actually count as an MDM. Has a bunch of missing features. I recently evaluated it.