The Overall Endpoint Compliance widget represents the computed security posture of the organization across all enrolled endpoints and enabled frameworks. This value is derived from the compliance evaluation engine, which aggregates control results rather than relying on static configuration flags.
Endpoint agents continuously transmit telemetry related to configuration state, inventory, and runtime indicators. The backend normalizes this data, evaluates it against control logic, and applies severity-based weighting to calculate an aggregate compliance score.
This widget is useful because it provides a high-level but technically grounded signal of whether the environment is converging toward or drifting away from the defined security baseline.
Technically, this widget is driven by:
Control evaluation results across all devices
Severity-weighted aggregation logic
Periodic recomputation based on telemetry refresh cycles
Active Frameworks
The Active Frameworks widget shows how many compliance frameworks are currently enabled and contributing controls to the evaluation pipeline. Frameworks in Trio act as control namespaces, each registering a distinct set of controls mapped to the internal control model.
When a framework is activated, its controls are included in evaluation cycles without duplicating telemetry collection. Controls across frameworks may reference the same underlying data sources but are evaluated independently for traceability.
This widget is useful because it clearly defines the scope of compliance evaluation at any given time.
From a system perspective:
Framework activation dynamically loads control definitions
Controls are evaluated in parallel across frameworks
Framework isolation preserves audit alignment
Controls Passed / Total
This widget exposes the raw count of controls that currently satisfy their evaluation logic versus the total number of evaluated controls. It reflects the ground truth of control evaluation, not an abstract score.
Each control contributes to this count only if it is applicable, not skipped, and actively evaluated. Policy-backed controls require verified policy assignment, while control-check controls require telemetry-backed conditions.
This widget is useful because it allows engineers to reason about compliance density and coverage, not just percentages.
Internally, the count is derived from:
Control evaluation engine output
Applicability filtering per platform and framework
Exclusion of skipped or unsupported controls