Netskope SaaS Security Posture Rule

Netskope SaaS Security Posture Rule

A rule is a code snippet with associated metadata, such as severity, which is used to identify a specific violation of a SaaS resource. A rule can be associated with one or more sub-categories of rule categories such as compliance standard, domain, MITRE ATT&CK, and Netskope best practices. To access the Rules page:

  1. Log in to the Netskope tenant UI.
  2. Navigate to Policies > Security Posture. Then, click the SaaS tab.

    The Security Posture page opens.

  3. Click the Rules tab. The Rules page displays a list of rules and corresponding categories.
  4. The Rules table has the following fields:
    • Rule Name: Name of the rule.
    • Category: The category the rule belongs to like compliance standard, domain, MITRE ATT&CK, Netskope Best Practices, or uncategorized.
    • Type: The type of rule. It can either be predefined or custom.
    • Severity: The severity of the rule. A severity can either be critical, high, medium, or low.
    • In Policies: Total number of policies the rule is in use.
  5. You can select a rule or multiple rules and revert (rollback) or delete a rule.
  6. You can click a rule name to get a detailed view of the rule like the name of the rule, severity, definition of the rule, category the rule belongs to, remediation steps, and a brief description.

You can perform certain actions by clicking the More Options icon () to the right of the rule entry. Depending on whether the rule is predefined or custom, the following options are available:

  • View: On selecting this option, you can get a detailed view of the rule. It displays the definition of the rule, the remediation steps to correct violation (including manual steps), the rule category the rule satisfies, rule description, and services. For custom rules, click the name of the rule to get a detailed view.
  • Edit: On selecting this option, you can edit the rule. This option is available for custom rules only.
  • Delete: On selecting this option, Netskope deletes the rule. This option is available for custom rules only.
  • Policy: On selecting this option, you can associate the rule to an existing policy.

    Note

    Make sure to save and apply changes.

Also, you can perform the following tasks:

  • Search a rule from the Rule Name ~ search field.
  • You can filter the rule list based on a policy. To do so, select a policy from the Policies drop-down.
  • Click + ADD FILTER to filter the rules based on App Suite, Resource Type, Severity, Rule Type, Compliance Standard, Domain, MITRE ATT&CK, Netskope Best Practices, and Uncategorized Rules.
Share this Doc

Netskope SaaS Security Posture Rule

Or copy link

In this topic ...