Updated on April 15, 2025

Security Rules

Security Rules

A rule is a code snippet with associated metadata, such as severity, which is used to identify a specific violation of a SaaS resource. A rule can be associated with one or more sub-categories of rule categories such as compliance standard, domain, MITRE ATT&CK, and Netskope best practices.

View Rules

To see the Custom, Predefined or Template Rules, follow:

  1. Log in to your Netskope tenant UI.

  2. Navigate to Policies > Security Posture. Then, click the SaaS tab.

  3. Click on the Rules tab. You will see a list of rules and corresponding categories.

  4. Click on a rule to get a detailed view with the name of the rule, severity, definition, category the rule belongs to, remediation steps, and a brief description.

The Rules table shows:

  • Rule Name: Name of the rule.

  • Category: The category the rule belongs to like compliance standard, domain, MITRE ATT&CK, Netskope Best Practices, or uncategorized.

  • Type: The type of rule. It can either be predefined or custom.

  • Severity: The severity of the rule. A severity can either be critical, high, medium, or low.

  • In Policies: Total number of policies the rule is in use.

Actions on the Rule

  • Select one or more custom rules to revert or delete rule.

  • Click on the icon to the right of the rule for options. Depending on whether the rule is predefined or custom, the following options are available:

    • View: Get a detailed view of the rule with the name of the rule, severity, definition, category the rule belongs to, remediation steps, and a brief description. For custom rules, click the name of the rule to get a detailed view.

    • Clone: Clone the rule to modify as per requirements.

    • Policy: Associate the rule to an existing policy.

    • Edit: Make changes to the rule. This option is available for custom rules only.

    • Delete: Netskope deletes the rule. This option is available for custom rules only.

    • Import to Rule: Copy the template to make a custom rule out of a template. This option is available for template rules only.

Save and apply changes to reflect the changes in the UI.

Filters in Rules

  • Search a rule by Rule Name ~ search filter.

  • Filter the rules based on Policies filter. Select a policy from the Policies drop-down.

  • Filter the rules based on Compliance Standard, Domain, MITRE ATT&CK and Netskope Best Practices

  • Click + ADD FILTER to filter the rules based on App Suite, Resource Type, Severity, Rule Type, and Uncategorized Rules.

References

Articles

Share this Doc

Security Rules

Or copy link

In this topic ...