Netskope Help

Security Assessment Policy

A security assessment policy is a set of custom or predefined profiles. You can create a security assessment policy for an IaaS app. To access the policy page:

  1. Log in to the Netskope tenant UI.

  2. Navigate to Policies > Security Assessment.

    The Security Assessment page opens.

  3. The Security Assessment page displays a list of policies configured for the IaaS apps. The fields are:

    • POLICY NAME: Name of the policy.

    • INSTANCE: Name of the instance for which the policy is defined.

    • PROFILE: List of profiles associated with the policy.

    • LAST EDIT: Timestamp of the most recent edit to the policy.

You can edit, revert, disable, clone, and delete a policy. Click the More Options icon (...) to the right of the policy entry and select one of the following options:

  • Edit: On selecting this option, you can edit the policy.

  • Revert: On selecting this option, Netskope reverts the policy to its last applied change.

  • Disable: On selecting this option, Netskope disables the policy and stops the scan for the policy.

  • Clone: On selecting this option, Netskope creates a duplicate copy of the policy.

  • Delete: On selecting this option, Netskope deletes the policy.

    Note

    If you delete a policy, scanning stops at the next scan interval. The existing scan continues to run until it finishes.

In the policies table, you can select multiple policies and perform the following tasks:

  • DISABLE: On selecting this option, Netskope disables the policy and stops the scan for the policy.

  • REVERT: On selecting this option, Netskope reverts the policy to its last applied change.

  • DELETE: On selecting this option, Netskope deletes the policy.

    Note

    If you delete a policy, scanning stops at the next scan interval. The existing scan continues to run until it finishes.

Also, you can perform the following tasks:

  • Search for a policy using the Policy Name search field.

  • Click + ADD FILTER to filter the policies based on Cloud Provider, Instances, Profile, and Rule Name.

Create a Security Assessment Policy

To create a security assessment policy:

  1. Log in to the Netskope tenant UI.

  2. Navigate to Policies > Security Posture.

    The Security Posture page loads.

  3. Click New Policy.

    The New Security Posture Policy page opens.

  4. Under Instances, select a cloud services provider (CSP) and click in the Account field to specify the CSP accounts. You can click the gear icon in the drop-down of the text field to view your CSP accounts configured under Settings > API-enabled Protection > Cloud Infrastructure.

    If no accounts are specified, then the policy applies to all accounts configured for security assessment for that CSP.

  5. Under Profile & Action, select the predefined security assessment profiles. By default, an alert is generated when a profile match is found.

    When you select Show Rules, the rules related to the selected profiles are displayed under Rules & Actions. You can click on the rule to view the rule details.

  6. Under Policy Name, provide a name for the policy.

    1. Expand Policy Description and enter a short description of the profile.

    2. Expand Email Notification and provide the following:

      • The frequency of the notification.

      • The recipients of the email notification.

      • Optionally, the sender's email address.

      Click Done.

  7. Under Status, click on the slider to enable the policy.

  8. Click Save to save the profile.

  9. On the Security Assessment page, click Apply Changes.

Once you apply the changes, Netskope accesses and analyzes the posture of the AWS, Azure, and Google Cloud Platform resources, and alerts the administrator to risks and possible remediation.