Create a new risk rule

ZTP gives you access to the Risk Engine, an AppGate ZTNA capability available exclusively through ZTP. The Risk Engine continuously analyzes data based on Risk Rules, which use built-in adapters to simplify third-party integrations with products your company already uses to manage and secure business assets.

The Risk Engine continuously receives, stores, and analyzes incoming data, then assigns a Risk Level—low (1), medium (2), or high (3)—based on the Risk Mapping you define for a chosen adapter. Risk Mapping is the configuration process that tells the Risk Engine how to convert third-party data into AppGate ZTNA Risk Levels.

ZTP currently supports adapters for the following products:

  • CrowdStrike Falcon Insight

  • CrowdStrike ZTA

  • McAfee MVISION

  • Microsoft Intune

  • SentinelOne (early access)

  • OS Checker

The Risk Engine works as follows:

  1. The ZTP admin defines one or more Risk Rules. Each Risk Rule uses an adapter to communicate with the corresponding external service provider. Data is captured automatically approximately every 20 minutes and analyzed to produce a Risk Level based on the defined Risk Mapping.

  2. An end user logs in to their AppGate ZTNA client.

  3. In addition to user and device claims, the Controller requests the end user's current Risk Level from the Risk Engine.

  4. The end user receives entitlements based on conditions that include the Risk Level.

  5. Entitlements allow the end user to access protected assets through Gateway appliances.

ZTP admins and AppGate ZTNA admins can customize the Risk Model to suit their business needs. This includes assigning weighting and priority factors to individual adapters. AppGate ZTNA admins can also set a default Risk Model from the AppGate ZTNA admin console to handle situations such as:

  • An adapter connection failure

  • Receipt of invalid data

  • An AppGate ZTNA Collective being unable to contact the Risk Engine

For more information, refer to Fallback risk levels.
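The mapping and fallback behavior described above, as a conceptual sketch added here for illustration; it is not Appgate code or configuration. The 0-100 posture score, the thresholds, the staleness window and every name in it are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

LOW, MEDIUM, HIGH = 1, 2, 3        # Risk Levels as numbered on this page
MAX_AGE_S = 2 * 20 * 60            # assumption: data older than two ~20-minute polls is stale
# Assumed Risk Mapping: (minimum score, Risk Level), checked top-down.
MAPPING = [(80, LOW), (50, MEDIUM), (0, HIGH)]

@dataclass
class Reading:
    """One adapter result; the field names are hypothetical."""
    score: Optional[float]         # assumed vendor posture score, 0-100, higher is healthier
    age_s: Optional[int]           # seconds since the last successful fetch; None = never fetched

def risk_level(reading: Optional[Reading], fallback: int = HIGH) -> int:
    """Map a reading to a Risk Level, returning `fallback` when the data cannot be trusted."""
    if reading is None:                                      # Risk Engine could not be contacted
        return fallback
    if reading.age_s is None or reading.age_s > MAX_AGE_S:   # adapter connection failure
        return fallback
    s = reading.score
    if isinstance(s, bool) or not isinstance(s, (int, float)) or not 0 <= s <= 100:
        return fallback                                      # invalid data (NaN fails the range test)
    for minimum, level in MAPPING:
        if s >= minimum:
            return level
    return fallback

def entitled(level: int, max_allowed: int) -> bool:
    """Entitlement condition: grant only when the Risk Level is at or below the limit."""
    return level <= max_allowed

if __name__ == "__main__":
    # Constructed sample readings, not real adapter output.
    samples = {"healthy": Reading(92, 300), "stale": Reading(92, 5000),
               "garbled": Reading(float("nan"), 300), "engine down": None}
    for name, reading in samples.items():
        level = risk_level(reading)
        print(f"{name:12} level={level} entitled={entitled(level, MEDIUM)}")
```

Passing `fallback=LOW` instead makes every failure case satisfy a condition that permits medium risk, so the fallback level deserves the same review as the mapping itself.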

To access the Risk Engine, open the ZTP Cloud Console, select Services, then select Risk Engine from the left menu. Click +Add New and continue with the configuration.