Advanced · Security & Zero-Trust

NAC Posture Drift Detector

Compares the current NAC + IdP + MDM posture snapshot against the last clean baseline. Flags endpoints whose posture has degraded — missing patches, disabled disk encryption, expired certs, MDM unenrollment, profiling drift — and returns ranked remediation steps per endpoint with confidence and blast-radius context.

Baseline diff

Snapshot today's posture vs the last known-good baseline. Per-endpoint diff covers OS patch level, AV/EDR state, disk encryption, cert validity, MDM enrollment and NAC profile.

Severity + blast radius

Each drifted endpoint is scored info / warn / critical and tagged with the segments it can still reach, so you can triage by exposure, not just by count.

Prescriptive remediation

AI prescribes the minimal fix — re-enroll MDM, push patch, rotate cert, quarantine VLAN, or open a NetGitOps PR — with rollback notes per action.

Run a posture-drift scan

Pick a baseline window. AI returns drifted endpoints with severity, blast radius, and a ranked remediation plan.


Endpoint remediation workflow

Each ranked fix from the drift scan becomes an actionable task with an owner and an execution timeline. Assign a team, advance through queued → assigned → in-progress → verifying → done, or block if a change window is needed.
