Trust Score Settings
An overview of Trust Score Settings
Set Trust Level Expiration
If a device does not submit its Trust Factors for the specified numbers of hours, the Cloud Secure Edge (CSE) cannot compute an up-to-date Trust Level and so automatically sets the device’s Trust Level to Always Deny.
In the Command Center, navigate from Settings > Banyan Client > Trust, and set the number of hours before devices’ Trust Levels expire.
Configure API Override Factors
CSE always enforces the strictest allowed Trust Level. For example, if the external factor is AlwaysDeny but the Trust Level is Low, the AlwaysDeny will be enforced.
Using the Set Max Trust Level endpoint, you can seamlessly incorporate external factors (such as third-party SEIM or other security monitoring tools) to influence a device’s Trust Level in real time.
Simply configure your third-party tool to POST /set_max_trust_level
, including the query parameter (Email
or SerialNumber
) that needs to be updated. For the request headers, include the Authorization: Bearer $AUTHTOKEN
and ContentType: application/json
. This json payload includes the Level
(AlwaysDeny, Low, Medium, High, AlwaysAllow), Reason
(explanation displayed to the admin in the Command Center and to the end user in the CSE app), and ExtSource
(name of the external source, such as CarbonBlack, CrowdStrike, etc.)
The example json below shows a payload sent from CarbonBlack to CSE after discovering malware associated with a user and/or device.
{
"Level": "AlwaysDeny",
"Reason": "Known malware MWS-2019-9842 detected on device - quarantine action taken.",
"ExtSource": "CarbonBlack"
}
In this example, the Trust Level automatically drops to Always Deny
and the device cannot access CSE-protected resources.