System Integrity
- 30 Oct 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
System Integrity
- Updated on 30 Oct 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
About this Article
This article provides information related to the System Integrity widgets
System Integrity widgets provide the Trust Scores report and trend for the files on all the Workloads/Probes discovered in the topology. Once the initial scan of the executables on the nodes is complete, Trust Engine Blades calculate the Trust Scores for every discovered executable.
- Navigate to TrustSight > System Integrity in the CMS left navigation pane
- Select the required node element on the widget and click Submit to view their System Integrity information
- A few of the options available for each widget are described below:
- Filter, Drilldown, Show Underlying Data and Show IQ Data options are available for each segment in the statistics
- Download - The displayed statistics can be downloaded in different formats - PNG, XLSX, CSV
- For reference, the legend is provided with Trust Score level and its corresponding range
- Any unknown files with a Trust Score of 0 indicates that the Trust Sight is procuring the score. Once the score is calculated, the information is updated automatically
- The average Workload Trust Score is also provided to project the average health of the topology
System Integrity Report
Version 3.1.1 and Above:
- The System Integrity Report widget provides the statistics of the trust scores of all the discovered non-packaged files
- The levels range from Full Trust(Trust score: 100) to Unknown(Trust score: 0). Based on the individual scores, the average score is calculated. Here are the various Trust Levels:
Trust Level Trust Score Range Full Trust 100 Elevated Trust 76-99 High Trust 51-75 Medium Trust 26-50 Low Trust 1-25 Unknown 0 - For any trust level, the user can drill-down, filter or analyse the underlying information to get a better understanding of the reasons for that Trust Score being assigned to the files
- After the initial audit period (where Trust Blade Engines determine Trust Scores of all the discovered files), the customer needs to analyse the unknown files. They can either:
- Authorize the safe files that can execute on the workloads in CMS by adding them to the allowlist OR
- Remove the files from the workload if they are malicious/suspicious
- Standard actions for each widget are available
Version 3.1.0:
- The System Integrity Score widget provides the statistics of the trust scores of all the discovered executables
- The levels range from Full Trust(Trust score: 100) to Unknown(Trust score: 0). Based on the individual scores, the average score is calculated
- Standard actions for each widget are available
Non-Packaged Files
[Version 3.1.1 and Above]
- Non-Packaged Files provides the statistics of the trust scores of all the discovered non-packaged files
- Standard actions for each widget are available
Trust Score Trend
Version 3.1.1 and Above:
- The System Integrity Trend widget provides an understanding of how the Trust Score varies over a specific period of time
- During the initial audit period (where Trust Blade Engines determine Trust Scores of all the discovered files), we see an upward trend
- Whenever there is a dip (due to new workload addition or new package installation), users can drill-down to view more information or view the underlying data and analyse the reasons for the dip
- Standard actions for each widget are available
Version 3.1.0:
- The System Integrity Trend widget provides the Trust Score Trend for a specific interval of time
- Standard actions for each widget are available
Was this article helpful?