Continuous measurement of every endpoint's security configuration against a baseline, with drift detection and remediation guidance. Often abbreviated ESPM or DSPM (device security posture management). The output is a per-device posture signal and an audit-ready evidence trail.
Run a defined set of configuration checks against every endpoint at a regular interval. Capture pass / fail / warning per check, with details for any failure that's not obvious.
Compare current state to the baseline (and to the device's own previous state). Surface devices that have regressed, controls that have weakened, fleets that are trending in the wrong direction.
Write every check execution to an immutable audit log, mapped to compliance-framework controls so a SOC 2 / ISO 27001 / PCI DSS auditor can read the log directly as evidence.
A representative breakdown — Lorika uses these eight categories with 190+ checks total:
Lorika is an ESPM tool with cross-platform parity (macOS, Windows, Linux first-class), 8 compliance-framework mappings built in, and a per-device Security Score that Conditional Access systems can consume as a Zero-Trust signal. The agent footprint is under 10 MB; the scan interval ranges from 1 to 24 hours by plan; delta scans cut bandwidth ~90% versus full scans every interval.
Free for up to 10 devices. 190+ checks, 8 frameworks, mapped evidence.
Get started free →