Create device posture policy
Attributes:
Windows:
Operating System Version
Devices must meet specified version requirements. Supported conditions:
GTE: Greater than or equal to the specified version.
LTE: Less than or equal to the specified version.
EQUAL: Matches the exact version.
Antivirus
Devices must have at least one supported antivirus solution installed (e.g., Microsoft Defender, Avast, Bitdefender).
Disk encryption
FULL_DISK: Requires full disk encryption.
SPECIFIC_VOLUME: Validates encryption for a specific volume (e.g., C).
Certificates The policy can enforce validation by specifying the certificate content as a string.
macOS:
Operating System Version
Devices must meet specified version requirements using the same conditions as Windows.
Antivirus
Supported antivirus software includes solutions like Bitdefender and Avast.
Disk Enryption
Disk encryption must be enabled. Volume-specific encryption checks aren’t supported.
Certificates
The policy can enforce validation by specifying the certificate as a string.
Linux, Android, and iOS:
Compliance is based on general device allowance or denial criteria without detailed checks for antivirus, encryption, or certificates.
Body parameter
{
"name": "string",
"description": "string",
"userGroupsIds": [
"string"
],
"windows": {
"allowed": true,
"version": {
"version": "string",
"condition": "GTE"
},
"antiviruses": [
"AVAST"
],
"diskEncryption": {
"type": "FULL_DISK",
"volume": "string"
},
"certificate": "string"
},
"macos": {
"allowed": true,
"version": {
"version": "string",
"condition": "GTE"
},
"antiviruses": [
"AVAST"
],
"diskEncrypted": true,
"certificate": "string"
},
"linux": {
"allowed": true
},
"android": {
"allowed": true
},
"ios": {
"allowed": true
}
}
Parameters
Name | In | Type | Required | Description |
|---|---|---|---|---|
body | body | true | none | |
» name | body | string | false | none |
» description | body | string | false | none |
» userGroupsIds | body | [string] | false | none |
» windows | body | false | none | |
»» allowed | body | boolean | false | none |
»» version | body | false | none | |
»»» version | body | string | false | none |
»»» condition | body | string | false | none |
»» antiviruses | body | [string] | false | none |
»» diskEncryption | body | false | none | |
»»» type | body | string | false | none |
»»» volume | body | string | false | none |
»» certificate | body | string | false | none |
» macos | body | false | none | |
»» allowed | body | boolean | false | none |
»» version | body | false | none | |
»» antiviruses | body | [string] | false | none |
»» diskEncrypted | body | boolean | false | none |
»» certificate | body | string | false | none |
» linux | body | false | none | |
»» allowed | body | boolean | false | none |
» android | body | false | none | |
»» allowed | body | boolean | false | none |
» ios | body | false | none | |
»» allowed | body | boolean | false | none |
Enumerated Values
Parameter | Value |
|---|---|
»»» condition | GTE |
»»» condition | LTE |
»»» condition | EQUAL |
»» antiviruses | AVAST |
»» antiviruses | AVG |
»» antiviruses | AVIRA |
»» antiviruses | BITDEFENDER |
»» antiviruses | CROWDSTRIKE_FALCON |
»» antiviruses | ESET |
»» antiviruses | MALWAREBYTES |
»» antiviruses | MCAFEE |
»» antiviruses | MICROSOFT_DEFENDER |
»» antiviruses | NORTON |
»» antiviruses | SENTINEL_ONE |
»»» type | FULL_DISK |
»»» type | SPECIFIC_VOLUME |
»» antiviruses | AVAST |
»» antiviruses | AVG |
»» antiviruses | AVIRA |
»» antiviruses | BITDEFENDER |
»» antiviruses | CROWDSTRIKE_FALCON |
»» antiviruses | ESET |
»» antiviruses | MALWAREBYTES |
»» antiviruses | MCAFEE |
»» antiviruses | MICROSOFT_DEFENDER |
»» antiviruses | NORTON |
»» antiviruses | SENTINEL_ONE |
Responses
Status | Meaning | Description | Schema |
|---|---|---|---|
200 | OK |
To perform this operation, you must be authenticated by means of one of the following methods: oauth