Posture Control (ZPC)
About Security Policies
Security policies protect your cloud deployment from asset misconfigurations and excessive permissions by defining a condition or parameter for how a particular cloud asset needs to be configured. ZPC offers over 400 security policies across multiple cloud service providers (CSPs), including Amazon Web Services, Microsoft Azure, and Google Cloud Platform. ZPC has created security policies to protect both your runtime and build-time environments. These predefined security policies cannot be modified, but you can create new custom security policies tailored for your cloud deployment.
ZPC also bundles security policies to emulate cybersecurity benchmarks (e.g., NIST) or compliance benchmarks (e.g., GDPR).
The Policies page provides the following benefits and enables you to:
- View all cloud and IaC policies offered by ZPC.
- Gain an overview of your cloud posture based on whether the policies are passing or failing for your cloud deployment.
- Create custom security policies to cater to your cloud deployment's compliance requirements.
About the Policies Page
On the Policies page (Policies > Policy), you can do the following:
- Cloud Policies
The Cloud Policies tab offers a holistic understanding of each security policy offered by ZPC and its status against your cloud deployment. You can perform actions such as enabling or disabling a policy or setting policy severity for individual and bulk security policies.
On the Cloud Policies tab, you can do the following:
- Export the security policy catalog to an Excel file.
- Filter cloud policies using available parameters. To learn more, see Using Filters.
- Create a new custom security policy. To learn more, see Creating Custom Security Policies.
- Search for security policy details using the searchable columns.
- View the following security policy details for each cloud security policy:
  - Cloud: The CSP the security policy protects.
  - Policy Name: Click the policy name for any security policy to view more policy details. To learn more, see Viewing Security Policy Details.
  - Policy Severity: Static value signaling the severity of policy failure. The value can be Critical, High, Medium, or Low.
  - Policy Source: Whether the policy is predefined by ZPC or is a custom security policy.
  - Theme: The security policy theme (Compliance, Security Exposure, Security Events, or Blank).
  - Threat Category: The security policy threat category (Ransomware, Misconfiguration, or Account Takeover).
  - Last Updated: The timestamp for when the security policy was last modified by a user.
  - Updated By: The ZPC administrator username who last updated the security policy.
  - Alerts: Click the alert counter to view all the alerts generated for the security policy. To learn more, see About Alerts.
  - Supports Remediation: Whether the policy supports remediation.
  - Remediation Enabled: Whether remediation is enabled for the alerts generated by the policy.
  - State: Whether the policy is enabled or disabled. Use the State toggle to enable or disable a policy. When disabled, the policy is not run against the collected configuration metadata.
  - Policy ID: The security policy ID.
  - Policy Focus: Whether the policy focuses on an asset or identity misconfiguration.
  - Created By: The ZPC administrator username who created the custom security policy.
  - Creation Date: The timestamp for when the security policy was created.
- Modify the table and its columns. You can choose which columns appear on the security policy table. To learn more, see Using Tables.
- Change the security policy severity or policy state. To learn more, see Managing Security Policies.
- IaC Policies
The IaC Policies tab offers a holistic understanding of each security policy offered by ZPC and its status against your cloud deployment. You can perform actions such as enabling or disabling a policy or setting policy severity for individual and bulk security policies.
To view the IaC Policies tab, go to Policies > IaC Policies. On the IaC Policies tab, you can:
- Export the security policy catalog to an Excel file.
- Filter IaC policies using available parameters. To learn more, see Using Filters.
- Search for a security policy.
- View the following security policy details for each IaC security policy:
  - Cloud: The CSP the security policy protects.
  - Policy Name: Click the policy name for any security policy to view more policy details. To learn more, see Viewing Security Policy Details.
  - Policy Severity: Static value signaling the severity of policy failure. The value can be Critical, High, Medium, or Low.
  - Policy Source: Whether the policy is predefined by ZPC or is a custom security policy.
  - Policy Theme: The security policy theme (Compliance, Security Exposure, Security Events, or Blank).
  - Alerts: Click the alert counter to view all the alerts generated for the security policy. To learn more, see About Alerts.
  - Last Updated: The timestamp for when the security policy was last modified by a user.
  - State: Whether the policy is enabled or disabled. Use the State toggle to enable or disable a policy. When disabled, the policy is not run against the collected configuration metadata.
  - Allow Skip: Whether developers are allowed to skip the policy. The Allow Skip toggle is enabled by default and lets developers skip the policy in their code repository or CI/CD tool by adding skip comments. If it's disabled, the policy cannot be skipped even if the developers add skip comments.
  - Policy ID: The security policy ID.
  - Updated By: The ZPC administrator username who last updated the security policy.
  - MITRE ATT&CK: The MITRE technique for the security policy.
  - Compliance: The compliance benchmark and ID for the security policy.
  - Compliance Domains: The compliance domains for the security policy.
  - Compliance Control Number: The compliance control number for the security policy.
  - Created By: The ZPC administrator username who created the custom security policy.
  - Creation Date: When the custom security policy was created.
- Modify the table and its columns. You can choose which columns appear on the security policy table. To learn more, see Using Tables.
- Change the security policy severity or policy state. To learn more, see Managing Security Policies.