HomeGlossary › Zero-Trust Device Verification
Glossary

What is Zero-Trust device verification?

The pattern of treating every device as untrusted by default and requiring proof of secure configuration before granting access to any resource. The device-posture half of the broader Zero-Trust model — the other half being identity.

Why "device" matters in Zero Trust

The original Zero-Trust framing focused on identity: stop trusting the network perimeter, authenticate every request, give the right user access to the right resource. That works only if the user's device is also trustworthy. A correctly-authenticated user on a device with a disabled firewall, no disk encryption, and a kernel six months behind on patches is a successful attack vector wearing the right badge. Zero-Trust device verification closes that gap by making the device's posture an explicit precondition for access — the same way the user's identity already is.

How the model works in practice

📋

1. Measure posture

A lightweight agent runs on every device — corporate-owned, BYOD, contractor — and reports configuration state (firewall, encryption, SSH, OS patches, CVEs, audit-log settings, dozens more) to a central authority.

📊

2. Score & expose

The authority computes a per-device Security Score and per-category pass/fail signal, time-series-tracked, exposed via API. Access-gating systems (Okta, Azure AD, Tailscale, Cloudflare Access) consume the signal.

🚪

3. Gate access

At access time, the gate consults the signal. Device score above threshold → access granted. Score drops below → access immediately revoked, even mid-session for short-lived tokens.

How Lorika provides Zero-Trust device verification

Lorika is the measure-and-score half of the model. 190+ continuous checks across 8 categories, a 0–100 Security Score per device updated at every scan, time-series history accessible via API. The signal feeds Conditional Access integrations on the roadmap (Okta, Google Workspace, Azure AD, JumpCloud, Tailscale) — and in the meantime, any Conditional Access platform that can consume an external HTTP signal can be wired in directly.

Related terms

Add posture verification to your Zero-Trust stack

Free for up to 10 devices. Per-device Security Score. Continuous, time-series, framework-mapped.

Get started free →