Configuring assessments for custom compliance standards based on custom cloud security rules - Administrator Guide - Cortex CLOUD

Cortex Cloud Posture Management Documentation

Product: Cortex Cloud Application Security > Cortex CLOUD
License: Cloud Posture Management
Creation date: 2025-01-22
Last date published: 2026-06-04
Category: Administrator Guide
Abstract:

When using custom compliance standards based on custom cloud security rules, make sure to create a cloud security policy including your custom rules to ensure accurate assessment results are generated.

Most of these guidelines reflect standard practices that also apply to other use cases. However, when using custom compliance standards based on custom cloud security rules, make sure to create a cloud security policy that includes your custom rules, so that accurate assessment results are generated.

The following table describes the components that are necessary to configure custom compliance standards based on custom rules to ensure that the standard will be assessed against a configured scope of assets:

| Component | Requirements | Documentation link |
|---|---|---|
| Custom compliance standard | Create a custom compliance standard as usual. | Create a custom standard |
| Custom compliance controls | Create custom compliance controls and populate the custom standard with the relevant custom controls. | Create a custom control |
| Custom cloud security rules | Create custom cloud security rules, which implement the detection capabilities necessary to determine the status of the corresponding controls. When creating the rules, make sure to associate them with the relevant custom compliance controls. | Create custom cloud security rules |
| Asset group | Create an asset group which includes the appropriate scope of assets based on the intended purpose of the custom compliance standard. | Create an asset group |
| Assessment profile | Create an assessment profile for the custom standard using the asset group created above. Configure reporting as desired. | Create an assessment profile |
| Custom cloud security policy | To guarantee accurate assessment results, you must create a custom cloud security policy that incorporates all rules from the custom compliance standard. This is required because custom cloud security rules do not automatically generate findings. When creating the policy, make sure that the policy includes: (1) the custom compliance standard as the rule scope; (2) the asset group used for the assessment profile as the asset scope. | See below |

Create a cloud security policy with the correct rules and scope

When creating a cloud security policy, make sure it fulfills the requirements listed above.

  1. Navigate to Posture Management > Rules & Policies > Policies > Cloud Security.

  2. Click Create Policy.

  3. On the Details page, provide Policy Name, Description, and Labels (optional).

  4. Click Next.

  5. (Important) On the Rules page, select All Matching Filter Criteria. Next, select “Compliance Standards”, “Contains”, and then select your custom compliance standard. This ensures that all the cloud security rules from your custom compliance standard are attached to the cloud security policy.

  6. Click Next.

  7. (Important) On the Scope page, select From Asset Groups and then select the asset group used for the assessment profile.

  8. Click Done to save the policy.