Device posture configuration overview

Admin users with sufficient permissions can set and manage device posture policies for endpoint devices via the Device Posture page. Coro collects and analyzes data from connected devices to ensure compliance with these policies.

Device posture policies are grouped according to the following device vulnerabilities:

You can apply device posture policies to groups of devices by setting device labels against each policy. Device labels enable you to apply policies to groups of devices sharing the same label. If a device fails to comply with a posture policy, Coro generates an Endpoint Security ticket and initiates the remediation action specified in that policy.

Device posture policies are listed under each vulnerability along with their corresponding device labels and remediation action:

Policy details

Info

Certain device posture policies only apply to specific operating systems.

note

Policy remediation actions are not applicable to "Sensitive Data Scans", "Remote Password & Session Locking", and "Wi-Fi Connection" device posture policies.

Accessing the Device Posture page

To access the Device Posture page:

  1. Sign into the Coro console .
  2. Select Control Panel :

    Control panel

  3. Select Endpoint Security :

    Endpoint Security

  4. Select the Device Posture tab:

    Device posture tab

Editing an existing policy

To edit an existing device posture policy:

  1. Access the Device Posture page .
  2. Select the dropdown next to the desired policy group name:

    View policy group

  3. Select the three-dot menu next to the desired policy:

    Policy actions

  4. Select Edit policy :

    Edit a policy

  5. Select the remediation action for the policy:

    Select the remediation action

    You can select the following remediation actions, depending on the policy:

    • Review : No auto-remediation is performed, and the ticket is classified as requiring review . The ticket remains open until either an admin user closes it manually or the vulnerability is observed by the Coro endpoint agent as being resolved.
    • Enforce : Auto-remediation is performed, recorded in the ticket, and the ticket is auto-closed.
    note

    After you create a workspace for new customers, Coro sets all Device Posture settings to "Review" by default. This setup enables you to configure your Device Posture settings according to your preferences and security requirements.

    Device Posture settings for existing customers remain unchanged.

  6. Select device labels to apply to the policy from the Apply policy to devices with these labels field:

    Assign policy labels

  7. Select SAVE to apply your changes.

Removing an existing policy

To remove an existing device posture policy:

  1. Access the Device Posture page .
  2. Select the dropdown next to the desired policy group name:

    View policy group

  3. Select the three-dot menu next to the desired policy:

    Policy actions

  4. Select Delete policy :

    Delete policy

    The Delete policy dialog appears.

  5. Select CONFIRM :

    Delete policy dialog

    The device posture policy is removed.