Posture Remediation Wizard
Focus
Focus
Prisma Browser

Posture Remediation Wizard

Table of Contents

Posture Remediation Wizard

The Posture Remediation Wizard guides end users through resolving device posture issues that prevent access to the Prisma Browser.
Where Can I Use This?What Do I Need?
  • Strata Cloud Manager
  • Prisma Browser standalone
  • Prisma Access with Prisma Browser bundle license or Prisma Browser standalone license
  • Superuser or Prisma Browser role
  • At least one Sign-in rule with posture conditions configured
When a device does not meet the posture requirements defined in a Sign-in rule, the Prisma Browser blocks access and displays the Posture Remediation Wizard. The wizard provides end users with clear, step-by-step guidance on how to resolve each posture issue so they can regain access without contacting IT support.
The wizard automatically identifies which posture attributes failed and presents actionable instructions for each one. It shows the user what their current device setting is compared to what the organization requires, and provides direct links to the relevant operating system settings when applicable.
The Posture Remediation Wizard is available on the Prisma Browser Desktop. It is not available on the Prisma Browser for Mobile or the Prisma Browser Extension.

How the Posture Remediation Wizard Works

When a device fails a posture check during sign-in, the Prisma Browser displays the wizard instead of a generic block page. The wizard contains:
  • A sidebar listing all posture steps that require resolution. Each step displays the attribute name and an indicator of whether the user can resolve it independently or requires assistance.
  • A detail panel showing the selected step with:
    • A description of the posture attribute and why it matters
    • A settings comparison showing the current device value versus the administrator requirement
    • Step-by-step instructions for resolving the issue
    • A shortcut to open the relevant operating system settings (when available)
  • Alternative remediation paths — when the posture policy allows multiple ways to become compliant, users can view and select an alternative path that may be easier to complete.
After completing all remediation steps, the wizard presents a final step prompting the user to sign in again. The Prisma Browser then re-evaluates the device posture against the configured rules.

Supported Posture Attributes

The wizard provides remediation guidance for the following posture attributes. Each attribute displays tailored instructions based on the specific mismatch detected:
AttributeResolution LevelDescription
Screen LockUserVerifies that the device is protected by a password, PIN, or biometric lock.
Location ServicesUserChecks if the operating system location services are enabled.
Full OS Boot ModeUserEnsures the device was started normally and is not running in Safe Mode.
Active Remote ConnectionUserDetects if the device is being accessed remotely.
Browser VersionUserChecks if the browser version meets the minimum requirement.
LocationUserVerifies the device location is within an authorized region.
NetworkUserIdentifies whether the device is connected to an approved network.
OS VersionLocal adminChecks the operating system version meets the minimum requirement.
Disk EncryptionLocal adminConfirms that full disk encryption is active.
FirewallLocal adminConfirms that a firewall is active on the device.
Endpoint ProtectionLocal adminConfirms that an endpoint protection solution is installed and running.
System IntegrityLocal adminVerifies that critical system files have not been tampered with.
Running ProcessesLocal adminChecks if required or prohibited programs are running.
Unprivileged ProcessLocal adminDetects if the browser is running with unnecessary administrative privileges.
File ExistenceLocal adminChecks for the presence of specific compliance files.
RegistryLocal adminChecks for specific system configurations in the Windows Registry.
Client CertificateIT administratorVerifies that the device has a valid organization-issued certificate.
Device ManagementIT administratorChecks if the device is enrolled in the organization MDM system.
Serial NumberIT administratorVerifies that the device serial number is on the approved list.
Device TypeHardware changeCategorizes the device hardware to confirm it meets requirements.
The Resolution Level column indicates who can resolve the issue:
  • User — The end user can resolve the issue independently.
  • Local admin — The user needs local administrator privileges on the device.
  • IT administrator — The user must contact their IT department for assistance.
  • Hardware change — The issue requires switching to a different device.

Alternative Remediation Paths

When a Sign-in rule contains multiple posture conditions that can satisfy compliance, the wizard presents alternative paths to the user. Each alternative shows how many steps are required and whether any steps need administrator assistance. Users can switch between alternatives to find the path that is easiest for them to complete.

Customize Wizard Instructions

Administrators can customize the title and instructions displayed for each posture check in the remediation wizard. This allows organizations to provide context-specific guidance that reflects internal processes or tools.
To customize the remediation text for a posture check:
  1. Navigate to the Sign-in rule that contains the posture condition.
  2. Open the Dialog Texts settings for the relevant posture check.
  3. Edit the Title and Instructions fields with your organization-specific guidance.
  4. Save the rule.
If no custom text is configured, the Prisma Browser displays default remediation instructions for each attribute.

Direct OS Settings Access

For certain posture attributes, the wizard provides a shortcut button that opens the relevant operating system settings panel directly. This reduces the number of steps the user must take to resolve the issue. The following attributes support direct OS settings access:
  • OS Version — opens the system update settings
  • Screen Lock — opens the security or privacy settings
  • Location Services — opens the location privacy settings