Kolide Connection
Updated over 2 weeks ago

Connecting to Kolide will enable the MDM option in Workstation Configuration Monitoring on your Company's Internal Security settings.

Drata will then obtain workstation configuration information from the macOS, Linux, and Windows devices registered in the Kolide instance for compliance purposes.

Prerequisites

  • Make sure you have Administrator or Super Administrator access to your company's Kolide account. Specifically, you'll need the ability to create a new Custom API Token.

  • Create and copy your Kolide API Token. Learn more about how to create your Kolide API token.

    • Drata only requires read access, which is the default setting for all Kolide API tokens. You do not need to add any write privileges.

Enable Kolide

  1. Select Connections on the side navigation menu.

  2. Select the Available connections tab, search for Kolide, and select Connect.

  3. Select Create connection.

  4. Enter the API Token you previously created.

  5. Choose any relevant checks to map for Drata’s compliance monitoring tests.

  6. The following list displays Drata's monitoring tests along with their corresponding default Kolide checks.

    • Screensaver Lock Required on Employee Computers

      • Linux Screen Lock - Require Gnome Secure Screen Lock Configuration

      • Linux Screen Lock - Require Cinnamon Secure Screen Lock Configuration

      • Linux Screen Lock - Require Mate Secure Screen Lock Configuration

      • macOS Screen Lock - Require Secure Screen Lock Configuration

      • Windows Screen Lock - Require Secure Screen Lock Configuration

    • Password Manager Software Installed on Employee Computers

      • No Default Options

    • Malware Detection Software Installed on Employee Computers

      • Windows Security Center - Require Antivirus to Be Enabled

      • Gatekeeper - Require macOS Gatekeeper to Be Enabled

    • Security Patches Auto-Applied on Employee Computers

      • Ubuntu - Require Unattended Upgrades to Be Properly Configured

      • macOS Software Updates - Require Automatic Updates to Be Enabled

      • macOS Software Updates - Ensure OS Version is Up-to-date

      • Ubuntu - Ensure OS Version is Supported

      • Windows Software Updates - Ensure Important OS Updates Are Installed

    • Hard-Disk Encryption Enabled on Employee Computers

      • BitLocker - Require Primary Disk to Be Encrypted

      • FileVault - Require Primary Disk to Be Encrypted

      • Linux Disk Encryptions - Require Disk To Be Encrypted

Note that you can change these defaults for any of the listed monitors, especially if your tenant has customized Kolide checks that you want to use instead of the default Kolide checks that Drata initially maps.

Once the connection is established, the output of the checks in Kolide will be imported nightly to Drata and used as compliance evidence for the listed Drata monitoring tests.

Troubleshoot

When a test fails in Drata, verify whether the result in Kolide is NULL. Checks with NULL results in Kolide can lead to test failures in Drata.
