The Checks feature is one of the ways Kolide provides insights into your devices. In this case, the insights are pre-set and opinionated. Checks look at common IT/security best practices like whether or not FileVault 2 disk encryption is enabled, or if the macOS Gatekeeper setting is enabled.

From the Checks page you can enable or disable checks, based on company priorities. You can also configure the type of notification that you wish to send/receive based on the Check.

For instance, you may want users to self-service their Firewall configuration if it is not currently enabled. You could set the Firewall Check to send a Slack direct message to the device's owner with Firewall configuration instructions when the device is not in compliance.

You can also send notifications to a Private or Public Slack channel where security team-members can be alerted when devices fall out of compliance.

With the Kolide slackbot enabled and notifications configured, users can check the current status of their device by messaging the Kolide slackbot with the command device .

This is a great way to get users involved in driving the security of your organization.

If you have any questions about Checks, click on the Intercom button below and ask away!

Did this answer your question?