We're trialing it now.
Running into a few issues, but they're on our side with our backbone architecture. Agent itself seems to be working exactly as advertised, and the development team is fantastically responsive.
Deployment is simple, especially with Jamf. .pkg installer, and a config profile with your preferences/settings/etc. You'll need to make sure you have the proper certificates in place, but that can be done through a profile or pkg if needed as well. Other than that, it "just works"
No real impact on the user that I've seen in our testing. CPU usage on my MP is minimal. On a test VM with only two cores, I'd see it occasionally spike up to about 20%, but again... 2 core VM with 4gb of RAM. On actual hardware I don't notice it running unless I make it a point to go look for it.
@gachowski FWIW I'm the developer of cmdReporter and I'm still an active mac admin so it's good answers across the board for deployment, notarization, configuration, and updates. We also realize we are making some big claims for performance and monitoring capabilities so we offer generous trials, especially to those orgs with large infosec teams.
I'm happy to answer any questions you might have here or on the macadmin slack (at)dancmd.
I just started testing cmdReporter and gleefully gathering audit control evidence that I had really been struggling to collect for too long before this. This is going to save in Splunk index costs also, I will post more in the future on that. I could not be happier about this software!