Skip to content
Cloud Dashboard

Compliance

Check your fleet against security frameworks and track compliance across devices and groups.

Overview

The compliance system evaluates every device against a configurable security policy and shows you which checks pass, fail, or need attention. Use it to ensure your fleet meets security standards and to identify gaps before they become problems.

Compliance Checks

Each device is evaluated against these checks:

CheckWhat it validates
Disk EncryptionBitLocker is enabled and volumes are fully encrypted
AntivirusAntivirus is enabled with real-time protection active
AV SignaturesAntivirus signature database is up to date (within your configured threshold)
FirewallAll Windows Firewall profiles are enabled
OS PatchesWindows updates have been applied within your configured timeframe
Screen LockScreen lock or screen saver is enabled with lock-on-resume
Password LengthSystem password policy meets your minimum length requirement
Password PolicyPassword complexity, lockout threshold, and related policies are configured

Each check returns one of four statuses:

  • Pass — The device meets the requirement
  • Warning — Partially compliant or approaching a threshold
  • Fail — The device does not meet the requirement
  • Skipped — Not enough data to evaluate (e.g., device hasn't reported yet)

Compliance Policy

You can customize the thresholds for compliance checks to match your organization's requirements:

  • How many days antivirus signatures can be old before failing
  • How many days since the last OS patch before failing
  • Minimum password length requirement
  • Any other configurable thresholds

If you don't set a custom policy, sensible defaults are used.

Fleet Compliance View

The compliance overview shows:

  • Total devices and how many have been evaluated
  • Number of fully compliant devices
  • Overall pass rate as a percentage
  • Per-check breakdown — how many devices pass, warn, fail, or skip each check
  • List of non-compliant devices so you can prioritize remediation

Group Compliance

Compliance statistics can be broken down by group (API key), so you can compare compliance rates across teams, locations, or environments. Each group shows its own device count, compliance rate, and per-check pass rates.

Framework Mapping

Compliance checks are mapped to standard security frameworks so you can see how your fleet stacks up against industry requirements:

  • CIS Controls — Center for Internet Security best practices
  • NIST SP 800-171 — Protecting controlled unclassified information
  • ISO 27001 — Information security management
  • SOC 2 Type II — Service organization controls
  • PCI DSS — Payment card industry data security standard

This mapping lets you understand which regulatory requirements your fleet currently satisfies and which need attention.

Compliance Alerts

When a device fails a compliance check, a compliance alert is automatically created. The alert resolves itself when the device becomes compliant again. You can configure notifications to be alerted via email or Slack when compliance failures occur.

Exporting

Export compliance data for audits, reports, or external compliance tracking tools.

Health Scores & Alerts

Understand how device health scores are calculated, configure alert rules across seven categories, and route notifications to Slack, email, or webhooks.

Network Security & Threats

Audit network configurations, enforce policies, and detect threats across your fleet.

On this page

OverviewCompliance ChecksCompliance PolicyFleet Compliance ViewGroup ComplianceFramework MappingCompliance AlertsExporting