Device Status and Security Posture
Device Status
Device status indicates whether a device can be onboarded and used by TSFA. It reflects the device’s provisioning state and compatibility, not its security condition.
Depending on its status, a device may be fully operational, require additional configuration, or be unsupported due to hardware or firmware limitations. These status values help administrators identify devices that require attention before they can be fully managed.
Status Values
TSFA Security Posture
Security posture represents the security condition of a device based on events generated by the device.
Devices continuously emit events, which are sent to the cloud and processed using predefined rules. These rules evaluate events and determine the device’s current security posture.
Events are also surfaced as incidents, which provide visibility into detected issues and historical activity. Security event Incidents support monitoring and analysis but do not change the underlying event processing logic.
As new events are received, the system recalculates and updates the device’s posture to reflect the latest state.
Process
To view security event incidents:
- Go to Device Management > Devices.
- Select a device from the list.
- In the device details page, select the Issues & Errors tab.
- In the search box, click the filter arrow and select Security Events.
Alternatively, you can view all incidents across devices:
- Go to Device Insights > TSFA Security > All incidents tab.
- This tab displays incidents from all devices in the organization. For more information, see Incident Overview.
Security Posture Values
|
Posture |
Description |
|
Healthy |
No issues detected |
|
Unhealthy |
Device is reporting events, but configuration or security issues are detected |
|
Suspect |
Device is reporting events, and potential risk is identified based on rule evaluation |
|
Uninitialized |
Device is not reporting data correctly or cannot communicate with the system |
For information about Device Status and Security Posture issues,
see Security Event Log Reference, and Troubleshooting TSFA.
Related Articles
Incident Overview
The TSFA Incident Overview provides a centralized view of all TSFA Security incidents detected across your fleet. It enables administrators to monitor and export events efficiently from a single, organized workspace. To access this feature , got to ...Security Event Log Reference
This document provides a structured overview of key security-related incidents logged by ThinkShield Firmware Assurance. Events are categorized based on their nature, severity, and potential impact. Each event includes a brief description, its ...Patch Deployment Status Report
When a patch is successfully installed to a Windows device, it is removed from the Patches section and added to Patch Deployment. This report provides details about the patches deployed. To generate a report, click Reports > Patch Deployment Status. ...System Update Status Report
This report provides information on system updates for devices across the entire organization. System Update information will be available only if the System Update feature is enabled. To generate a report, click Reports > System Update Status. The ...Viewing Device Information – Android Operating System
Device Details provides comprehensive information about a device and allows administrators to perform a variety of management actions. To access this page, navigate to Device Management > Devices and select a device. Please note that the device must ...