All Secberus policies are enabled by default when an organization is created and when new policies are released.
Enabled policies will run against the data collected from monitored data sources to determine if there are violations. This occurs for scheduled scans and when changes are detected.
Disabled policies are no longer applied to any data sources, and will not run against collected data.
When a new data source is added to an account organization, all enabled policies that include the relevant resource types will automatically be applied.
Only users with permissions to create, edit, and remove policies will be able to enable or disable a policy and update data source coverage.
To set the Status of a policy, navigate to the Policy list under the Policies section. Locate the Status column in the policy list table, and select the desired status: On (enabled), Off (disabled).
The policy status can also be managed on an individual policy page:
To change the data sources a policy is applied to, navigate to a policy, and click on the Coverage tab.
Click on the Manage coverage button to view all applicable data sources. Select the data sources the policy should cover and then Continue.
The policy coverage list will include a timestamp for the last time the policy was run against each data source, as well as provide a status on whether the policy execution was successful. To troubleshoot issues for failed policy execution, visit the Data sources screen under Settings or check the Activity log.
Updated 6 months ago