Trust Score Settings

An overview of Trust Score Settings

  • Updated on Dec 15, 2022
  • 4 minutes to read
  • Contributors

Set the Threshold for Stale Trust Levels

Set a Threshold for Stale Trust Levels. If a device does not submit its Trust Factors for the specified numbers of hours, Banyan cannot compute an up-to-date Trust Level and so automatically sets the device’s Trust Level to Always Deny.

In the Command Center, navigate from Settings > Trust Score Settings > Trust Score Expiry, and set the number of hours before devices’ Trust Levels expire.

Configure API Override Factors

Banyan always enforces the strictest allowed Trust Level. For example, if the external factor is AlwaysDeny but the Banyan Trust Level is Low, the AlwaysDeny will be enforced.

Using the Set Max Trust Level endpoint, you can seamlessly incorporate external factors (such as third-party SEIM or other security monitoring tools) to influence a device’s Trust Level in real time.

Simply configure your third-party tool to POST /set_max_trust_level, including the query parameter (Email or SerialNumber) that needs to be updated. For the request headers, include the Authorization: Bearer $AUTHTOKEN and ContentType: application/json. This json payload includes the Level (AlwaysDeny, Low, Medium, High, AlwaysAllow), Reason (explanation displayed to the admin in the Command Center and to the end user in the Banyan App), and ExtSource (name of the external source, such as CarbonBlack, CrowdStrike, etc.)

The example json below shows a payload sent from CarbonBlack to Banyan after discovering malware associated with a user and/or device.

{
    "Level": "AlwaysDeny",
    "Reason": "Known malware MWS-2019-9842 detected on device - quarantine action taken.",
    "ExtSource": "CarbonBlack"
}

In this example, the Banyan TrustScore automatically drops to Always Deny and the device cannot access Banyan-protected resources.


Can’t find what you’re looking for?

We’re happy to help. Contact our team .