CISO • POSTURE

    Zero Trust Posture & Compliance Factors

    Tracks posture trend over time and lists the specific user/device factors contributing to verification status and risk level.

    What it shows

    Posture trend tells you whether your Zero Trust program is strengthening or slipping. Compliance Factors explain the “why” at a user/device level—useful for targeted remediation.

    How it’s calculated

    • Posture score aggregates identity assurance, device trust, policy enforcement, and exception load.
    • Compliance factors list verification status and the failed check (e.g., expired cert, no MFA, patch level).
    • Risk level reflects impact + exploitability + proximity to critical zones.
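
    One way the compliance factors, risk level and posture score described above could be derived from user/device records. This is an added example, not the product's own logic: the field names, the 30-day patch threshold, the equal weighting of the four posture components and the risk point scheme are assumptions, and the records are constructed.

```python
from datetime import date

MAX_PATCH_AGE_DAYS = 30  # assumed policy threshold, not from the page
TODAY = date(2025, 6, 1)  # constructed evaluation date
# Constructed sample records; every field name here is an assumption.
RECORDS = [
    dict(identity="alice", mfa=True, cert_expires=date(2025, 12, 1), patch_age_days=10,
         enforced=True, exception=False, critical_zone=False),
    dict(identity="bob", mfa=False, cert_expires=date(2025, 12, 1), patch_age_days=45,
         enforced=True, exception=True, critical_zone=True),
    dict(identity="carol", mfa=True, cert_expires=date(2025, 1, 15), patch_age_days=5,
         enforced=False, exception=False, critical_zone=False),
    dict(identity="vendor-7", mfa=False, cert_expires=date(2025, 3, 1), patch_age_days=90,
         enforced=True, exception=True, critical_zone=True),
]

def failed_checks(rec, today):
    """Compliance factors: the checks this user/device record fails."""
    failed = []
    if rec["cert_expires"] < today:
        failed.append("expired cert")
    if not rec["mfa"]:
        failed.append("no MFA")
    if rec["patch_age_days"] > MAX_PATCH_AGE_DAYS:
        failed.append("patch level")
    return failed

def risk_level(rec, failed):
    """Assumed scoring: one point per failed check, two for critical-zone proximity."""
    points = len(failed) + (2 if rec["critical_zone"] else 0)
    return "high" if points >= 3 else "medium" if points >= 1 else "low"

def posture_report(records, today):
    """Aggregate the four posture components (equal weights assumed) and the KPIs."""
    n = len(records)
    factors = {r["identity"]: failed_checks(r, today) for r in records}
    identity = sum(r["mfa"] for r in records) / n
    device = sum(r["cert_expires"] >= today and r["patch_age_days"] <= MAX_PATCH_AGE_DAYS
                 for r in records) / n
    enforcement = sum(r["enforced"] for r in records) / n
    exception_load = sum(r["exception"] for r in records) / n
    score = round(100 * (identity + device + enforcement + (1 - exception_load)) / 4)
    high = [r["identity"] for r in records
            if risk_level(r, factors[r["identity"]]) == "high"]
    return {"posture_score": score, "factors": factors,
            "failed_checks": sum(len(f) for f in factors.values()),
            "high_risk_identities": high}

if __name__ == "__main__":
    print(posture_report(RECORDS, TODAY))
```

    Running the report on successive dates and storing `posture_score` gives the trendline; the `factors` map is the per-identity list of failed checks to remediate.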

    What to do next

    1. Fix recurring failed checks (expired certs, missing MFA) with automation and enforcement.
    2. Reduce exceptions by converting to staged policies and compensating controls.
    3. Segment external access for contractors and partners into constrained conduits.
    4. Use trendline to communicate progress to executives and regulators.

    KPIs to watch

    • Posture score (trend)
    • Failed checks (count)
    • High-risk identities (count)

    Why this matters to a CISO

    AI only works if it’s trustworthy
    If models drift or confidence drops, you’re flying blind. This keeps the AI layer honest.
    Drift is normal in OT
    New firmware, new shifts, new processes—all cause drift. You need to detect it early before it erodes detection quality.
    Confidence drives automation
    You can’t let AI auto-contain based on shaky confidence. This metric ensures automation stays aligned with risk appetite.
    Feedback loops improve accuracy
    Every analyst decision sharpens the models. This closes the loop between human intelligence and machine learning.