SpinCRX Application Security Policy

Written by Rainier Gracial (Global Solutions Engineer)

Sep 26, 2025 | Updated on: Oct 24, 2025

The Application Policy type is a critical element of our product, designed to identify, assess, and manage extensions based on predefined criteria. It offers actions such as blocklisting, allowlisting, notifications, access revocation, and user suspension to maintain security and compliance within your environment.

To begin creating Application Security Policies, navigate to SpinCRX…

From here, select Security Policies on the left hand toolbar – You will automatically be directed to the Policies Management menu…

SpinCRX Dashboard - Security Policies | Spin.AI

Now, select Create Policy and select Application Policy…

Now, you should see the Security Policy creation menu… start by giving your Application Security Policy a name by navigating to Policy Name and a brief summary found under Description…

SpinCRX Dashboard - Policies Management | Spin.AI

Next, navigate to the Condition section and click Select Condition. Here you see a variety of Conditions that can be stacked upon each other to create scenario based actionability…

SpinCRX Dashboard - Extension Source | Spin.AI

Let’s create a simple but popular Security Policy intended to blocklist a Chrome Extension that externally communicates to GenAI or LLM…

First, click Extension Source and select Chrome Web Store.
Secondly, scroll down on the Condition menu and select GenAI & LLM.

Your Conditions should now look like this…

SpinCRX Dashboard - Policies Management - Conditions | Spin.AI

Now, it’s time to dictate what you would like this Security Policy to do when the Conditions have been met…

First, click Select Action.

SpinCRX Dashboard - Policies Management - Change State Action | Spin.AI

Secondly, select Change State as your first Action and change state to Blocklist.

SpinCRX Dashboard - Policies Management - Change State - Block List | Spin.AI

Now, let’s select two more Actions… Revoke Access and Send Notification…

SpinCRX Dashboard - Policies Management - Revoke Access | Spin.AI

The Action menu of your Security Policy should now look like this…
Tip! There are a variety of integrations for the forwarding of alerts when a Security Policy is triggered, be sure to select the integration that best suits your needs!

SpinCRX Dashboard - Policies Management - Notification Recipients | Spin.AI

Lastly, navigate to Scope & Exception and determine the scope of the entities to which this Security Policy should apply and once completed, select Preview and then Save.