System Integrity
- 23 Jan 2025
- 2 Minutes to read
- Print
- DarkLight
- PDF
System Integrity
- Updated on 23 Jan 2025
- 2 Minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
About this Article
This article provides information related to the System Integrity widgets
System Integrity widgets provide the Trust Scores report and trend for the files on all the Workloads/Probes discovered in the topology. Once the initial scan of the executables on the nodes is complete, Trust Engine Blades calculate the Trust Scores for every discovered executable.
Navigate to TrustSight > System Integrity in the CMS left navigation pane
Select the required node element on the widget and click Submit to view their System Integrity information
A few of the options available for each widget are described below:
Filter, Drilldown, Show Underlying Data and Show IQ Data options are available for each segment in the statistics
Download - The displayed statistics can be downloaded in different formats - PNG, XLSX, CSV
For reference, the legend is provided with Trust Score level and its corresponding range
Any unknown files with a Trust Score of 0 indicates that the Trust Sight is procuring the score. Once the score is calculated, the information is updated automatically
The average Workload Trust Score is also provided to project the average health of the topology
System Integrity Report
The System Integrity Report widget provides the statistics of the trust scores of all the discovered non-packaged files
The levels range from Full Trust(Trust score: 100) to Unknown(Trust score: 0). Based on the individual scores, the average score is calculated. Here are the various Trust Levels:
Trust Level
Trust Score Range
Full Trust
100
Elevated Trust
76-99
High Trust
51-75
Medium Trust
26-50
Low Trust
1-25
Unknown
0
For any trust level, the user can drill-down, filter or analyse the underlying information to get a better understanding of the reasons for that Trust Score being assigned to the files
After the initial audit period (where Trust Blade Engines determine Trust Scores of all the discovered files), the customer needs to analyse the unknown files. They can either:
Authorize the safe files that can execute on the workloads in CMS by adding them to the allowlist OR
Remove the files from the workload if they are malicious/suspicious
Standard actions for each widget are available
The System Integrity Score widget provides the statistics of the trust scores of all the discovered executables
The levels range from Full Trust(Trust score: 100) to Unknown(Trust score: 0). Based on the individual scores, the average score is calculated
Standard actions for each widget are available
Non-Packaged Files
[Version 3.1.1 and Above]
Non-Packaged Files provides the statistics of the trust scores of all the discovered non-packaged files
Standard actions for each widget are available
Trust Score Trend
The System Integrity Trend widget provides an understanding of how the Trust Score varies over a specific period of time
During the initial audit period (where Trust Blade Engines determine Trust Scores of all the discovered files), we see an upward trend
Whenever there is a dip (due to new workload addition or new package installation), users can drill-down to view more information or view the underlying data and analyse the reasons for the dip
Standard actions for each widget are available
The System Integrity Trend widget provides the Trust Score Trend for a specific interval of time
Standard actions for each widget are available
Was this article helpful?