Create a Network Exposure Policy

You have the ability to create network exposure policies based on your organization’s requirements. You can build a new network exposure policy based on the
config from network where
RQL query to monitor the network exposure of an asset across your cloud environment.
  1. Select
    Add Policy
  2. Enter your policy details.
    1. Add the
      Policy Name
    2. Description
      are optional.
    3. Click
  3. Enter your RQL query in the search bar.
    The default option of
    New Search
    enables you to build a new RQL query from scratch while
    Saved Search
    enables you to use a RQL query that you previously saved. For example, the following RQL query finds the interfaces that are accessible from any untrusted Internet source:
    config from network where = UNTRUST_INTERNET and dest.resource.type = 'Interface' and = 'AWS' and dest.tag = 'env=prod'
    A green check mark indicates that you have a valid query and you can view the query results.
    You cannot associate compliance standards to network exposure policies.
  4. Save
    the policy.
    After you successfully create your new policy, it is displayed in the
    Refer to Network Query in the RQL Reference to learn about network exposure query attributes and to see examples.

Recommended For You