Netskope Help

Security Posture Rule

A rule is a code snippet with associated metadata, such as severity, which is used to identify a specific violation of a SaaS resource. A profile comprises of multiple rules. To access the RULES page:

  1. Log in to the Netskope tenant UI.

  2. Navigate to Policies > Security Posture.

    The Security Posture page opens.

  3. Click the Profiles & Rules tab. The Profiles & Rules page displays a list of rules in the Rules section.

    The fields are:

    • Rule Name: Name of the rule.

    • Type: The type of rule. It can either be predefined or custom.

    • Severity: The severity of the rule. A severity can either be critical, high, medium, or low.

    • In Policies: Total number of policies the rule is in use.

You can perform certain actions by clicking the More Options icon (...) to the right of the rule entry. Depending on whether the rule is predefined or custom, the following options are available:

  • View: On selecting this option, you can get a detailed view of the rule. It displays the definition of the rule, the remediation steps to correct violation (including manual steps), the compliance standard the rule satisfies, rule description, and services. For custom rules, click the name of the rule to get a detailed view.

  • Edit: On selecting this option, you can edit the rule. This option is available for custom rules only.

  • Clone: On selecting this option, Netskope creates a duplicate copy of the rule.

  • + Create Profile: On selecting this option, create a new profile based on the selected rule. For more information, see Create a Security Posture Profile.

  • Delete: On selecting this option, Netskope deletes the rule. This option is available for custom rules only.

In the rules table, you can select multiple rules and perform the following tasks:

  • Create Profile: On selecting this option, you can create a new profile based on the selected rule.

  • Revert: On selecting this option, Netskope rolls back the rule to its last applied change. The newly created rule gets deleted. This option is available for custom rules only.

  • Delete: On selecting this option, Netskope deletes the rule. This option is available for custom rules only.

Also, you can perform the following tasks:

  • Search a rule from the Rule Name ~ search field.

  • Click + ADD FILTER to filter the rules based on Cloud Provider, Used in Policy, Profile Name, Profile Type, Compliance Standard, Rule TypeSeverity, and Draft.