Skip to main content

Netskope Help

Create a Next Generation Security Posture Rule

To create a Next Generation security posture rule:

  1. Log in to the Netskope tenant UI.

  2. Navigate to Policies > Security Posture. Then, click the Next Gen tab.

    The Security Posture page opens.

  3. Click theRules tab.

  4. Click New Rule.

    The New Custom Rule page opens.

  5. Under Rule Name, enter a rule name.

  6. Under Severity, select the rule severity from the drop-down list. The available options are Critical, High, Medium, and Low. Select the level of severity you want to assign to this rule.

  7. Under Definition, enter a rule definition using Netskope Governance Language (NGL). For information on NGL, see Custom Rules Using Netskope Governance Language.

    Note

    When you type a text inside the definition edit box, Netskope gives the NGL syntax along with auto suggestions for your reference.

    Alternatively, use the Import from Rule option to import and modify an existing rule.

  8. (Optional) On clicking Search In Inventory, Netskope searches this custom rule on the API-enable Protection > Security Posture (Next Gen) > Inventory page and lists the inventory impacted by this custom rule.

  9. Click Validate Definition to validate the rule and fix any syntax errors.

  10. Under the Compliance Standard tab and specify the compliance standards that the rule must satisfy.

    • Standard: The name of the compliance standard, like CIS Benchmark v3.0.1, NIST-CSF, etc.

    • Section: The section of the document that describes the compliance standard.

    • Control: The section control of the document that describes the compliance standard.

    For example, the predefined rule BPR-SALESFORCE-0-19 Streaming is enabled for real time events, and at least 1 client is subscribed to the event stream is defined in the Best Practices Salesforce document. In this example, BPR-SALESFORCE is the compliance standard, 0 is the section, and 19 is the control.

  11. Click +Add to specify a new compliance standard that the rule must satisfy.

  12. (Optional) Under the Remediation tab and enter the manual remediation steps.

  13. (Optional) Under the Description tab and a short description of the custom rule.

  14. Click Save to save the rule.

    The rule is displayed in the Rules section of the Rules page.

  15. On the Security Posture page, click Apply Changes.