Netskope Help

Security Assessment Rule

A rule is a code snippet with associated metadata, such as severity, that is used to identify a specific violation of an IaaS resource. A profile comprises multiple rules. To access the RULES page:

  1. Log in to the Netskope tenant UI.

  2. Navigate to Policies > Security Assessment.

    The Security Assessment page opens.

  3. Click Profiles & Rules. The Profiles & Rules page displays a list of rules in the Rules section.

    The fields are:

    • RULE NAME: Name of the rule.

    • TYPE: The type of rule. The TYPE can either be predefined or custom.

    • SEVERITY: The severity of the rule. A severity can either be critical, high, medium, or low.

    • IN POLICIES: Total number of policies in which the rule is in use.

Click the More Options icon (...) to the right of the rule entry and select one of the following options:

  • View: Select to view the rule details. For more information about rule details, see Rule Detail.

  • Clone: Select to create a duplicate copy of the rule.

  • Create Profile: Select to create a new profile based on the selected rule.

In the rules table, you can select multiple rules and perform the following tasks:

  • CREATE PROFILE: On selecting this option, you can create a new profile based on the selected rule.

  • REVERT: On selecting this option, Netskope reverts the rule to its last applied change.

  • DELETE: On selecting this option, Netskope deletes the rule.

Also, you can perform the following tasks:

  • Search for a rule from the Rule Name search field.

  • Click + ADD FILTER to filter the rules based on Cloud Provider, AWS Service Name, Azure Service Name, GCP Service Name, Used in Policy, Profile Name, Profile Type, Compliance Standard, Rule Type, Severity, and Draft.

Rule Detail

You can click a rule in the rules table to view detailed information about the rule. The Rule Detail window provides a description of the rule.

The window contains the following three tabs:

  • Definition: The rule syntax defining the predefined or custom rule. Custom rules can be defined using a Domain Specific Language (DSL).

  • Remediation: The remediation action to be performed to remediate the violation. Some rules also provide manual steps to remediate the violation.

  • Compliance: The various compliance standards that the rule satisfies. This tab provides the compliance standard, section, control, and description of the rule defined in the compliance standard's documentation.

  • Other: The rule description, CSP services being scanned, and the type of rule.