Netskope Help

Create a Security Posture Rule

To create a security posture rule:

  1. Log in to the Netskope tenant UI.

  2. Navigate to Policies > Security Posture.

    The Security Posture page opens.

  3. Click the Profiles & Rules tab.

  4. Click New Rule.

    The New Custom Rule page opens.

  5. Under Rule Name, enter a rule name.

  6. Under Cloud Platform, select a SaaS app and click Save & Continue.

  7. Under Severity, select the rule severity from the drop-down list. The available options are Critical, High, Medium, and Low. Select the level of severity you want to assign to this rule.

  8. Under Definition, enter a rule definition using Domain Specific Language (DSL). For information on DSL, see Custom Rules using Domain Specific Language.

    Alternatively, use the Import from Rule option to import and modify an existing rule.

  9. Click Save as Draft to continue working on the rule or Save to save the rule.

  10. Click Validate Definition to validate the rule and fix any syntax errors.

  11. Click the Compliance tab and specify the compliance standards that the rule must satisfy.

    • Standard: The name of the compliance standard, like CIS Benchmark v3.0.1, NIST-CSF, etc.

    • Section: The section of the document that describes the compliance standard.

    • Control: The section control of the document that describes the compliance standard.

    For example, the predefined rule BPR-SALESFORCE-0-19 Streaming is enabled for real time events, and at least 1 client is subscribed to the event stream is defined in the Best Practices Salesforce document. In this example, BPR-SALESFORCE is the compliance standard, 0 is the section, and 19 is the control.

  12. Click +Add to specify a new compliance standard that the rule must satisfy. Click Save as Draft to continue working on the rule or Save to save the rule.

  13. Click the Other tab to specify a rule description. Click Save as Draft to continue working on the rule or Save to save the rule.

    The rule is displayed in the Rules section of the Profiles & Rules page.

  14. Click APPLY CHANGES.