HomeGlossary › Endpoint Security Posture Management
Glossary

What is Endpoint Security Posture Management?

Continuous measurement of every endpoint's security configuration against a baseline, with drift detection and remediation guidance. Often abbreviated ESPM or DSPM (device security posture management). The output is a per-device posture signal and an audit-ready evidence trail.

The three jobs of an ESPM tool

🔍

Measure

Run a defined set of configuration checks against every endpoint at a regular interval. Capture pass / fail / warning per check, with details for any failure that's not obvious.

📈

Detect drift

Compare current state to the baseline (and to the device's own previous state). Surface devices that have regressed, controls that have weakened, fleets that are trending in the wrong direction.

📚

Produce evidence

Write every check execution to an immutable audit log, mapped to compliance-framework controls so a SOC 2 / ISO 27001 / PCI DSS auditor can read the log directly as evidence.

The categories most ESPM tools check

A representative breakdown — Lorika uses these eight categories with 190+ checks total:

Where Lorika fits

Lorika is an ESPM tool with cross-platform parity (macOS, Windows, Linux first-class), 8 compliance-framework mappings built in, and a per-device Security Score that Conditional Access systems can consume as a Zero-Trust signal. The agent footprint is under 10 MB; the scan interval ranges from 1 to 24 hours by plan; delta scans cut bandwidth ~90% versus full scans every interval.

Related terms

Try endpoint posture management on your fleet

Free for up to 10 devices. 190+ checks, 8 frameworks, mapped evidence.

Get started free →