Policies included with the Security Posture Control application

  • Release version: Washingtondc
  • Updated January 30, 2025

    The Security Posture Control application includes a few policies that are tied to important use cases and are shown as key insights on the dashboard on the landing page (Home module) in the SPC Workspace.

    Viewing policies

    To view these policies, navigate to Workspaces > Security Posture Control > Policies and findings > All.

    These policies are deactivated by default. You must activate them before you can view returned results (Findings). You cannot edit these policies, but you can use them to help you create other policies by cloning their conditions as a starting point. See Clone a policy or create a child policy in Security Posture Control for more information.

    You can clone these policies to create your own custom policies, but note that cloned policies are not reflected as key insights on the dashboard on the Home landing page alongside the key insights that are included with the application. However, you can configure findings for these cloned policies and see the results they return.

    You can configure custom insights or reports for the cloned policies or, alternatively, configure findings for them to manage remediation. You can also create your own custom policies from scratch to monitor security controls coverage according to your internal requirements.

    The policies shipped with the application include the following categories:
    • Policies that monitor security controls coverage (endpoint protection and vulnerability scanner).
    • Policies that identify unmanaged devices.
    • Policies that monitor toxic combinations, meaning critical combinations such as missing security controls, internet exposure, and so on.
    • Policies for SPC API Integrations for Mitigation Controls Monitoring.

    After you clone and activate any policies you create, you must create your own custom insight record on the Custom insight builder module in the workspace (the last module in the navigator panel). Only then can you view the data from your policies on the Custom insights dashboard (the second icon from the top in the workspace).

    Creating your own policies

    See Creating your own policies in the Security Posture Control application for more information about how to create your own policies.

    For example policies, see Examples of base, child, and cloned policies for Security Posture Control.

    See Create and activate custom policies for Security Posture Control for more information about the steps required to create a policy.

    See Mitigation controls and policies in Security Posture Control for more information about policies used for mitigation controls monitoring.