1
Partner & Customer Info
2
Endpoint Apps
3
Network Apps
4
SaaS Apps
5
Results

Customer & Your Information

Before you begin: Please enter your company information and the customer name. This information will appear on the generated report.
Logo preview

Endpoint Apps Assessment

In this domain, applications are installed locally on a laptop, server, workstation, or mobile device. Protecting these applications involves security software installed locally on the devices.

The Zero Trust Health Check examines key aspects such as:

  • Coverage: Are all devices that run software currently running your security software?
  • Hardening: Are all the applications that are capable of running on the Endpoints trusted?
  • Authenticated: Are the people who use the devices verified by strong multi-factor authentication?
  • Threat Detection: Are local threats like Ransomware detected when run?
  • Threat Response: Do local threats, once detected, remove access to the device?
Audit Check Zero Trust Pass/Fail
Coverage: Is Endpoint Detection and Response (EDR) deployed across inventory: Windows, Linux, Mac, iOS, and Android?
Hardening: If an untrusted portable application is run like the Zero Trust Auditor Tool, is it blocked by default?
Authenticated: Are Identity controls for Local Authentication (Logon Process MFA) and conditional access in place?
Detection: Using Windows and the Zero Trust Auditor Tool, can the EDR detect Local Ransomware Attacks?
Response: Once ransomware is detected, is there an Incident Response Process in place to automatically isolate the device?

Network Apps Assessment

In this domain, applications are inside company-run data centers, such as a cloud provider, office facility, or colocation provider. In this scenario, we require network visibility around the device.

The Zero Trust Health Check examines key aspects such as:

  • Coverage: Are there network filters between your hosted networked apps and the endpoints?
  • Hardening: Are there policies to group which devices are permitted to access networked applications?
  • Authenticated: Are there policies to group which users are permitted to access networked applications?
  • Threat Detection: Are network threats like MITRE techniques detected when run?
  • Threat Response: Do network threats, once detected, remove access to the device?
Audit Check Zero Trust Pass/Fail
Coverage: Perimeter Firewall Deployed between the Endpoints and Networked Apps (Servers), Internet, and Partner Sites?
Hardening: Is there an automatic Inventory of all Local Devices and Applications such that only trusted groups are permitted to access applications?
Authenticated: Is traffic currently authenticated to show which users are accessing which application internally on the network?
Detection: Are network threats like the download of an EICAR virus detected by the perimeter firewall and blocked?
Respond: Once detected is there an Incident Response process to eliminate further connections?

SaaS Apps Assessment

In this domain, applications are managed by a 3rd party Software as a Service provider such as Microsoft 365 (Teams, SharePoint or OneDrive). In this scenario we require visibility into the network, endpoint and identities in use by the SaaS product with Enforcement.

The Zero Trust Health Check examines key aspects such as:

  • Coverage: Are all cloud applications in use by devices monitored regardless of location?
  • Hardening: Are there policies only allowing trusted SaaS applications?
  • Authenticated: Are users verified by strong multi-factor authentication?
  • Threat Detection: Are threats like Account Takeovers detected?
  • Threat Response: When threats are detected, is access removed?
Audit Check Zero Trust Pass/Fail
Coverage: Can you list all the 3rd party SaaS applications and their usage in the org inside and outside the office?
Hardening: Can you allow or block access to these applications by category or app name?
Authenticated: Is traffic currently authenticated to show which users are accessing which 3rd party SaaS application?
Detection: Are network threats like the malicious URL in the Zero Trust Auditor tool detected and blocked by your SASE?
Respond: Once detected is there an Incident Response process to eliminate further connections?

Assessment Results

Calculating...

Domain Status

Next Steps: Click the button below to generate a professional PDF report of this Zero Trust Health Check assessment. This report can be shared with your customer to discuss their security posture and opportunities for improvement.