Create a Security Assessment Rule

To create a security assessment rule:

1. Click NEW RULE.

The New Custom Rule page opens.

2. Under RULE NAME, enter a rule name.

3. Under CLOUD PROVIDER, select a cloud services platform and click SAVE & CONTINUE.

4. Under SEVERITY, select the severity level you want to assign to this rule from the drop-down list. The available options are Critical, High, Medium, and Low.

5. Under DEFINITION, enter a rule definition using Domain Specific Language (DSL). For information on DSL, see Custom Rules using Domain Specific Language.

Alternatively, use the IMPORT FROM RULE option to import and modify an existing rule.

6. Click SAVE AS DRAFT to continue working on the rule or SAVE to save the rule.

7. Click VALIDATE DEFINITION to validate the rule and fix any syntax errors.

8. Click the COMPLIANCE tab and specify the compliance standards that the rule must satisfy.

• STANDARD: The name of the compliance standard, such as CIS-AWSFND-1.2.0 or NIST-CSF.

• SECTION: The section of the document that describes the compliance standard.

• CONTROL: The control, within that section, of the document that describes the compliance standard.

For example, the predefined rule "CIS-AWSFND-1.2.0-2-3 Ensure the S3 bucket CloudTrail logs to is not publicly accessible" is defined in the CIS AWS Foundations document. In this example, CIS-AWSFND-1.2.0 is the compliance standard, 2 is the section, and 3 is the control.

9. Click +ADD to specify a new compliance standard that the rule must satisfy. Click SAVE AS DRAFT to continue working on the rule or SAVE to save the rule.

10. Click the OTHER tab to specify a rule description. Click SAVE AS DRAFT to continue working on the rule or SAVE to save the rule.

The rule is displayed in the Rules section of the Profiles & Rules page.

11. Click APPLY CHANGES.