Zero Trust Health Check

Use this assessment to measure the organization's Zero Trust security posture across three key domains: Endpoint Apps, Network Apps, and SaaS Apps. Work through each section to uncover security gaps and determine where controls should be strengthened.

Endpoint Apps Assessment

In this domain, applications are installed locally on a laptop, server, workstation, or mobile device. Protecting these applications involves security software installed locally on the devices.

The Zero Trust Health Check examines key aspects such as:

  • Coverage: Are all devices that run software currently running your security software?
  • Hardening: Are all the applications that are capable of running on the Endpoints trusted?
  • Authenticated: Are the people who use the devices verified by strong multi-factor authentication?
  • Threat Detection: Are local threats like Ransomware detected when run?
  • Threat Response: Do local threats, once detected, remove access to the device?
Audit Check Zero Trust Pass/Fail
Coverage: Is Endpoint Detection and Response (EDR) deployed across your inventory, including Windows, Linux, Mac, iOS, and Android?
Hardening: If an untrusted portable application is run, is it blocked by default?
Authenticated: Are identity controls for local authentication (logon process MFA) and conditional access in place?
Detection: Using Windows, can the EDR detect local ransomware attacks?
Response: Once ransomware is detected, is there an incident response process in place to automatically isolate the device?

Network Apps Assessment

In this domain, applications are inside company-run data centers, such as a cloud provider, office facility, or colocation provider. In this scenario, we require network visibility around the device.

The Zero Trust Health Check examines key aspects such as:

  • Coverage: Are there network filters between your hosted networked apps and the endpoints?
  • Hardening: Are there policies to group which devices are permitted to access networked applications?
  • Authenticated: Are there policies to group which users are permitted to access networked applications?
  • Threat Detection: Are network threats like MITRE techniques detected when run?
  • Threat Response: Do network threats, once detected, remove access to the device?
Audit Check Zero Trust Pass/Fail
Coverage: Is a perimeter firewall deployed between the endpoints and networked apps (servers), Internet, and partner sites?
Hardening: Is there an automatic inventory of all local devices and applications such that only trusted groups are permitted to access applications?
Authenticated: Is traffic currently authenticated to show which users are accessing which application internally on the network?
Detection: Are network threats like the download of an EICAR virus detected by the perimeter firewall and blocked? i
Respond: Once detected, is there an incident response process to eliminate further connections?

SaaS Apps Assessment

In this domain, applications are managed by a 3rd party Software as a Service provider such as Microsoft 365 (Teams, SharePoint or OneDrive). In this scenario we require visibility into the network, endpoint and identities in use by the SaaS product with Enforcement.

The Zero Trust Health Check examines key aspects such as:

  • Coverage: Are all cloud applications in use by devices monitored regardless of location?
  • Hardening: Are there policies only allowing trusted SaaS applications?
  • Authenticated: Are users verified by strong multi-factor authentication?
  • Threat Detection: Are threats like Account Takeovers detected?
  • Threat Response: When threats are detected, is access removed?
Audit Check Zero Trust Pass/Fail
Coverage: Can you list all third-party SaaS applications and their usage in the organization, both inside and outside the office?
Hardening: Can you allow or block access to these applications by category or app name?
Authenticated: Is traffic currently authenticated to show which users are accessing which third-party SaaS application?
Detection: Are network threats, such as malicious URLs, detected and blocked by your SASE?
Respond: Once detected, is there an incident response process to eliminate further connections?

Assessment Results

Calculating...
Domain Score Status
Endpoint Apps 0
Network Apps 0
SaaS Apps 0

Domain Results

Endpoint Apps

0/5

In this domain, applications are installed locally on a laptop, server, workstation, or mobile device. Protecting these applications involves security software installed locally on the devices.

The Zero Trust Health Check examines key aspects such as:

  • Coverage: Are all devices that run software currently running your security software?
  • Hardening: Are all the applications that are capable of running on the Endpoints trusted?
  • Authenticated: Are the people who use the devices verified by strong multi-factor authentication?
  • Threat Detection: Are local threats like Ransomware detected when run?
  • Threat Response: Do local threats, once detected, remove access to the device?
Audit Check Result

Network Apps

0/5

In this domain, applications are inside company-run data centers, such as a cloud provider, office facility, or colocation provider. In this scenario, we require network visibility around the device.

The Zero Trust Health Check examines key aspects such as:

  • Coverage: Are there network filters between your hosted networked apps and the endpoints?
  • Hardening: Are there policies to group which devices are permitted to access networked applications?
  • Authenticated: Are there policies to group which users are permitted to access networked applications?
  • Threat Detection: Are network threats like MITRE techniques detected when run?
  • Threat Response: Do network threats, once detected, remove access to the device?
Audit Check Result

SaaS Apps

0/5

In this domain, applications are managed by a 3rd party Software as a Service provider such as Microsoft 365 (Teams, SharePoint or OneDrive). In this scenario we require visibility into the network, endpoint and identities in use by the SaaS product with Enforcement.

The Zero Trust Health Check examines key aspects such as:

  • Coverage: Are all cloud applications in use by devices monitored regardless of location?
  • Hardening: Are there policies only allowing trusted SaaS applications?
  • Authenticated: Are users verified by strong multi-factor authentication?
  • Threat Detection: Are threats like Account Takeovers detected?
  • Threat Response: When threats are detected, is access removed?
Audit Check Result
Section 1/3