I mentioned the idea of host integrity assessment in my post Controls Are Not the Solution to Our Problem. The idea is to sample live devices (laptops, desktops, servers, routers, switches -- anything that runs a network-enabled operating system) to see if they are trustworthy. (They may be trusted, but that does not make them trustworthy.) I described how I might determine trustworthiness, or integrity, in Three Capabilities, Three Companies. I'd like to expand on these thoughts with five metrics.

Before showing the security metrics, I'd like to introduce an analogy. Imagine a city with an understaffed, under-resourced, and possibly unappreciated fire department. The FD would like to prevent fires, but it spends most of its time responding to fires. How should city leadership decide how to staff and resource the FD? (There is no way to eliminate fires, at least no way that could ever be financed using any foreseeable resources. Even if people lived in concrete c