Console
Overview of the LinuxGuard console — the v3.0 five pillars plus v4.0 expanded pillars (Baselines, Efficiency, Audit, Integrations, Posture, Notifications).
The LinuxGuard console organizes security, compliance, configuration, and operational surfaces into pillars accessible from the left sidebar. The v3.0 release shipped six pillars (Dashboard, Identity Intelligence, Zero Trust Enforcement, Compliance & Audit, Infrastructure, What Changed). v4.0 adds eight new pillars covering baseline management, efficiency analysis, privileged-action audit, expanded compliance and Zero Trust program surfaces, integrations, cross-cutting posture views, and notifications.
Pillars with module assignments are only visible to tenants with the corresponding module license; tenants without an entitled module see an upgrade prompt in place of that pillar's content.
Settings, accessible below the pillar navigation, provides API key management, alert routing, and behavioral analytics configuration.
What's in this section
v3.0 pillars
Dashboard — Identity risk score, fleet posture, top identity risks, and critical findings feed.
Identity Intelligence — Cross-server identity profiles, risk scoring, SSH keys, NHI inventory, and access patterns.
Zero Trust Enforcement — Signals with MITRE mapping, config drift attribution, SUDO policy analysis, file monitoring, and findings.
Compliance & Audit — Framework scores, history, suppressions, audit logs, and reports.
Infrastructure — Fleet inventory, server detail tabs, efficiency, and baseline configuration.
What Changed — Mapping from the old flat section list to the 5-pillar model.
v4.0 new pillars
Baselines — Known-good snapshots of accounts, groups, SSH/SSHD config, and SUDO with drift detection.
Efficiency — Rightsizing, storage, network IO, JVM, waste assessment, labor savings, and reports.
Audit — Authorizations audit and SUDO execution audit for privileged-action reconciliation.
Compliance Expansion — Frameworks browser, evidence collection, history, reports, suppressions; evidence-location reference for per-framework pages.
Integrations — JIRA, Teams, Slack, Syslog, SIEM, generic webhooks, and per-integration deliveries.
Zero Trust Expansion — Policies, findings, playbooks, active responses history, SUDO policies/executions, SELinux, and policy violations.
Posture — Cross-cutting Compliance / Configuration / Health posture with per-server ranking.
Notifications — Notification rules, suppressions, and rule edit/new flows.
Related: Security Architecture | Active Response | Alerting & SIEM Integration | Glossary