Get started

Install the SAUTERA Witness sensor

The SAUTERA Witness sensor reads a device’s vitals and immune signals and vouches for them to SAUTERA. It runs two ways — choose per estate:

• Installed (push) — a signed binary on the host. Windows and Linux ship today.
• Agentless (pull) — remote collection over SSH, WMI/WinRM, or SNMP, with nothing installed on the device.

Installed sensor — one-click

1. In the portal, open Prove → SAUTERA Witness.
2. Choose the platform (Windows or Linux) and select One-Click Install.
3. Run the downloaded script as Administrator (Windows) or root (Linux).
4. The sensor registers as a service and begins reporting over a signed channel.
5. The portal’s Witness Reporting Status flips to Reporting within about a minute.

Prefer an unattended rollout? The installer accepts your endpoint and a tenant key via environment variables so it can be pushed across a fleet with your existing configuration management.

Agentless coverage

For devices where you won’t install software — appliances, network gear, or locked-down hosts — point SAUTERA at them with read credentials. It collects over SSH (Linux), WMI/WinRM (Windows), or SNMP (network devices), scores them, and folds them into the same trust posture as installed hosts.

What it reads

Patch currency, AV/EDR presence and currency, host firewall, disk encryption, exposed listening surface, known CVEs, lifecycle/EOL status, and the vitals (CPU, memory, disk, uptime). Trust is concluded from what is observed — where coverage is insufficient, the device reads Unknown rather than a guess.

Next

Once the sensor is reporting, read your trust posture →