Home › Zero Trust Device Check
Zero Trust · Device Trust Verification

Zero Trust Device Health
Verification Platform

Don't just trust the user — verify the device. Lorika continuously assesses endpoint security posture and provides a real-time Security Score that serves as a trust signal for your Zero Trust architecture. Block non-compliant devices from accessing corporate resources.

Start free — up to 10 devices Learn about DSPM →

How Zero Trust device verification works

Traditional perimeter security assumes devices inside the network are trusted. Zero Trust flips this: every device must prove its security posture before accessing any resource. Lorika provides the device health signal that makes this possible.

🔍

Continuous Assessment

The Lorika agent runs 190+ security checks every 15 minutes. Quick-tier checks (firewall, ports, antivirus) run every 15 min; full assessment every 60 min. Heartbeat every 3 min confirms the device is online.

📊

Security Score

Each device gets a weighted Security Score (0-100) based on check results. The score reflects real-time posture: firewall status, disk encryption, patch level, SSH hardening, and 160+ more signals.

🚫

Conditional Access

Integrate with your Identity Provider (Okta, Google Workspace, Azure AD). When a device's score drops below threshold — access is restricted or blocked until issues are resolved.

Three-tier device trust model

Lorika classifies devices into trust tiers based on their Security Score. Each tier determines access level to corporate resources.

Compliant (Score 70+)

Full access to all corporate resources. Device passes all critical security checks: firewall enabled, disk encrypted, OS up-to-date, no dangerous services exposed.

⚠️

Limited (Score 40-69)

Restricted access. Device can access basic resources but sensitive systems (source code, customer data, financial systems) are blocked until remediation.

🛑

Blocked (Score <40)

No access to corporate resources. Critical security issues detected: no encryption, firewall disabled, SSH root login open, or known CVEs present.

What the device health check covers

Critical security signals (Quick tier — every 15 min)

  • Firewall enabled and properly configured
  • Full-disk encryption active (FileVault / BitLocker / LUKS)
  • Antivirus / EDR present and running
  • OS up-to-date, no pending critical patches
  • No dangerous services exposed (Redis, MongoDB, SMB, RDP)
  • Open port detection and risk assessment
  • Screen lock timeout within policy
  • Password policy enforcement

Deep posture assessment (Full scan — every 60 min)

  • SSH hardening (root login, password auth, TCP forwarding)
  • Kernel hardening (ASLR, NX/DEP, SIP, Secure Boot)
  • SELinux / AppArmor / Gatekeeper status
  • SUID/SGID binary audit
  • Software inventory with CVE matching
  • Docker security configuration
  • Audit logging (auditd, syslog, log retention)
  • PAM configuration and brute-force protection

Identity Provider integration

Connect Lorika to your existing Identity Provider. Device trust decisions are enforced automatically — no manual intervention required.

🔑

Okta

Device trust signals via Okta API. Block non-compliant devices from SSO-protected apps.

📧

Google Workspace

Context-aware access policies. Restrict Google Workspace based on device health.

Azure AD / Entra ID

Conditional Access policies driven by real-time device posture assessment.

🔧

JumpCloud

Unified device and identity management with security posture enforcement.

Implement Zero Trust device verification today

Free forever for personal use. No credit card required. 190+ checks, real-time Security Score, Conditional Access.

Create free account →