Skip to main content

Rules

On this page you can view a list of all the checks that have been conducted in your cloud accounts against specific rules build upon both our own, and international compliance standards.

Rules view allows you to zoom in on which rules need to be resolved to help you stay compliant.

Important

This page only contains present time information and statuses for rule compliance.

You can access the page using the Rules link in the menu on the left side of the console.

CSPM_GCP_rules_412741_en.png
  1. Your Security Brief - The number of open checks by severity level.

  2. Rules list - This section displays the current, complete list of rules that your cloud accounts are checked against every time a scan is ran. It contains the following elements:

    1. Search box - A search box you can use to customize the list of rules that is displayed on the page, based on Rule title.

    2. Rule list - A table containing a list of all currently existing rules, along with the overall scoring for your cloud accounts in complying with the rule. The table displays the following columns:

      • Rule title - The name of the GravityZone Cloud Security rule, as well as the cloud provider it applies to.

      • Scoring - Scoring displays how many resources have passed or failed a rule.

        Findings that are marked as Open, False Positive, Risk Accepted, or Needs review are considered as failed.

  3. Filters - Filters allow you customize the list of rules currently displayed on the page based on the following criteria

    • Compliance

      Filter rules by compliance standards. Customized standards are marked with a Custom label. The cloud provider icons represent the standard coverage.

    • Account

      Filter rules by onboarded accounts. The cloud provider icon shows the account provider type.

    • Region

      Filter the region the resource belongs in.

    • Tags/labels

      Resource tags or labels that are defined in the cloud account.

    • Resource type

      Filter rules by resource type. The cloud provider icon shows the resource provider type.

    • Severity

      Filter rule's severity.

    • Scoring

      Filter rules by Pass or Fail score.

    • Status

      Filter rules by rule status: Pass, Risk Accepted, False Positive, Needs Review.

Investigating rules

CSPM_rules_list_filter_425532_en.png

The table is sorted by scoring, from low to high.

You can customize the list of displayed rules by using one of the methods below:

  • Use the search search box above the list to filter by rule name.

  • Use the Filters in the right side of the list.

To display more information about a specific rule and what checks resulted from it, follow the steps below:

  1. Click on the rule you want to investigate.

    CSPM_rules_list_select_425532_en.png

    A list of all the scan groups where checks were made against the rule is displayed.

    CSPM_rules_list_select_2_425532_en.png
  2. Click on the scan group you want to investigate.

    All scans related to the selected rule made on scan group are displayed:

    CSPM_rules_list_select_3_425532_en.png
  3. Click on the Open link under the Status column to display additional information on why a specific check has failed.

    The Check details panel is displayed.