Available on SpinSPM & SpinOne subscriptions.
Posture Policy serves as a cornerstone in our product, diligently identifying security controls and promptly detecting any changes or misconfigurations in their status. This policy ensures a vigilant posture by triggering alerts whenever a misconfiguration is detected. With a focus on proactive monitoring, the Posture Policy empowers users to maintain robust security controls and swiftly respond to any deviations, enhancing the overall security resilience of your system.
Let's take a deep dive into the structure of the Posture Policy.
GENERAL
In the General section, you can fill in basic policy information such as the policy name, category, severity and a brief description of its intended purpose. This will help you to classify incidents and separate different policies from each other.
CONDITION
In the Condition section you will specify events that will trigger the policy. For the Posture Policy type specifically, you can choose from many events such as specific configurations, detecting configuration drifts and much more.
You can combine multiple separate conditions together. Once you combine conditions, it will turn into an AND policy, and the policy will only be triggered when all separate conditions have been met.
When you enter different values for the same condition, that condition will be met when one of those events is detected. See the below image for more clarification.
ACTION
In the Action section you will specify the actions that will be taken when this policy has been triggered. For the Posture Policy type specifically, you can choose from many actions such as automating posture visibility, creating alerts for misconfigurations and much more.
Every action placed in the Action section will be performed if the conditions of the policy have been met.
SCOPE & EXCEPTION
Lastly, you can specify who the policy should apply to in the Scope & Exception section. You can have the policy apply to everyone, or to specific Groups and users. This will give you flexibility in creating different policies for different teams within your company.
Now you can create Posture policies! Remember, that you can create as many policies as you'd like with different conditions, actions and scope & exceptions.
If you have any questions or would like to learn more, please reach out to us at support@spin.ai.