Add a New Security Control Rule
To add a new security control rule:
- Add a new rule.
- Select.PolicySecurity Control RulesNew Rule
- Define the basic settings.
- Enter aNamefor the rule.
- (Optional) Enter aDescriptionfor the rule.
- Specify theSeverityfor the rule. Severity ranges from 1 to 5, with 5 representing the highest risk.
- Enable or disable theStatus.
- Select aSetting Type,Cloud apps, if applicable, and theSetting Options.Setting TypeSetting OptionsAdministrative Access of End Users InboxEnter theAdmin Emails to Exclude, andEnd User Emails to Exclude.Email Forwarding RuleList theRisky Domain,Email Addresses of Users to Exclude, andRule Names to Exclude.Email Public FolderEnter theFolder NamesandEmail Addresses of the Folder Owners to Exclude.Email RetentionEnter theEmail Addresses of the Users to Exclude.Inbound Accessible ServicesEnter theSource IP Address,Service to Exclude,Security Groups to Exclude,VPCs to ExcludeandELBs to Exclude.Key RotationSelect a time frame inKeys not rotated within, list theKeys to Exclude from Key Rotation Check, andRoles to Exclude from Key Rotation Check.Multi-Factor Authentication (MFA)List theExclude MFA Check User, andExclude MFA Check for User with Role.Non-Standard Amazon Web Services EC2 Appliance (AMI)List theExclude AMIs.Outbound Accessible ServicesList theDestination IP Address,Service to Exclude,Security Groups to Exclude,Virtual Private Cloud (VPC) to ExcludeandElastic Load Balancing (ELB) to Exclude.Password PolicyFlag if password does not follow password policy rules.Unencrypted StorageList theExclude Volumes,Exclude Volumes attached to EC2, andExclude Volumes in VPC.ActionsAllows you to specify whether Prisma SaaS should trigger one of the following actions to automatically remediate incidents or log the event as a risk.
Setting Options withExcludeareOptional.
- Send Admin Alert
- Log Only
- Saveyour new security control rule.
- Verify the Security Control rule is enabled.After saving, the rule will be listed on theSecurity Control RulesunderEnabledorDisabled. Prisma SaaS starts scanning files against the policy rule as soon as you save the changes. After the scan starts, you can start to View Policy Violations for Security Controls.
Recommended For You
Recommended videos not found.