Is possible to change the audit script to know if a windows computer have TPM chip and is have bitlocker/disk encryption active?
This is available using WMI. I'll add it to the wish list.
Bitlocker uses the BDESVC service. You could create a query to report on every Windows devices with/without this service running.
Check out this wiki article for help creating a query - Creating Custom Reports
Regarding the TPM chip, this article on HowToGeek goes into great depth on what needs to be checked - https://www.howtogeek.com/287737/how-to-check-if-your-computer-has-a-trusted-platform-module-tpm-chip/
Powered by a free Atlassian Confluence Open Source Project License granted to Opmantek. Evaluate Confluence today.