Security Posture Coverage Compliance

  • Updated on Apr 10, 2026
  • Published on Mar 25, 2026
  • 2 minute(s) read
Prev Next

WHAT IS SECURITY POSTURE COVERAGE COMPLIANCE AND WHY IS IT IMPORTANT?

About This Control

Summary: Security Posture Coverage Compliance checks on a suite of security software products. These products frequently run as agents that are installed on devices, such as servers, laptops, and desktops, to protect them from potentially malicious software, to implement zero trust, and to assess the devices for vulnerabilities.

Purpose: These security tools are needed for multiple reasons:

  • Preventing unauthorized entry to a device containing sensitive corporate data by deploying endpoint protection on devices

  • Eliminating potential pathways that can provide unauthorized access to the corporate network

  • Ensuring that all devices connected to the corporate network have appropriate safeguards in place to protect against an attack

Implementation Guidance: The dashboard can be configured to support products from multiple Categories, such as Endpoint Detection and Response (EDR), Vulnerability Scanners, Zero Trust, and others. The dashboard can also be configured to support more than one product in a Category, for example, if the organization uses multiple EDR solutions due to acquisitions, or differences in solutions depending on geo, or operating system.

Why It Matters

  • The solutions that this dashboard monitors protect the organization’s devices from various forms of cyberattack.

  • To get the expected protection from these solutions, it is important to know that they have been installed or configured to protect all the devices that are in scope for them.

  • Additionally, it is important to know that the solution is reporting in to indicate that it is not only installed but is working as expected.

Risks Addressed:

The products that this dashboard reports on protect against risks similar to the following:

  • Malware and Ransomware by detecting or blocking malicious software before or during execution.

  • Zero-Day attacks by using heuristics and machine learning to detect unknown threats by their behavior.

  • Data Exfiltration by monitoring unauthorized data transfers and by reducing the blast radius of a breach.

  • Lateral Movement by keeping attackers from moving across the network through segmentation.

CONTROLS THIS DASHBOARD REPORTS ON

This dashboard reports on your organization’s level of compliance with these controls:

  • NIST CSF v2.0:

    DE.CM-09 - Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events

  • PCI-DSS v4.0.1:

    5.3 Anti-malware mechanisms and processes are active, maintained, and monitored.

    5.3.2 The anti-malware solution(s):

    • Performs periodic scans and active or real-time scans OR

    • Performs continuous behavioral analysis of systems or processes.

  • CIS CSC v8.1:

    10.1 Devices Deploy and Maintain Anti-Malware Software

    10.2 Devices Configure Automatic Anti-Malware Signature Updates

    10.6 Devices Centrally Manage Anti-Malware Software

    10.7 Devices Use Behavior-Based Anti-Malware Software

PRIMARY KEY PERFORMANCE INDICATOR (KPI)

The dashboard reports on this Primary KPI:

  • Numerator: Number of devices with all expected solutions installed and active for all in-scope Categories

  • Denominator: The number of devices that are in scope for the Categories

COLUMNS DISPLAYED ON THE DETAIL DASHBOARD

  • Leading: Compliance Status, Hostname, Device Type, Device Group, OS Name, Device Databee ID

  • Configuration: Coverage Category, Scope Condition, Compliance Condition, Feed, Days, Version Check Required, Versions

  • Compliance: Category Compliance Status, Category Days Compliance Status, Category Last Seen Time, Days Since Last Seen Category, Days Since Last Seen Feed, Days Since Last Seen Feed, Device Last Seen Time, Feed Compliance Status, Feed Days Compliance Status, Feed Last Seen Time, Feed Version, Feed Version Compliance Status

  • Org Hierarchy: Owner Email Address, Owner Employee Id, Owner Full Name, Owner Job Title, Manager Email Address, Manager Employee Id, Manager Full Name, Level 2, Level 3, Level 4, Level 5, Level 6

  • Dates: Is Current

OCSF TABLES USED BY THE DASHBOARD

  • Device Entity View

  • User Entity View

  • CDP.User

  • CDP.Device

  • OCSF.Device Inventory Info

Copyright © 2026 DataBee®, A Comcast Company.
DataBee® is a registered trademark of Comcast.