The process for creating an Cortex Cloud Application Security application-scoped policy is the same as for a standard policy. The only difference is on the Scope step of the wizard, where you can restrict the policy to a specific application(s) and their associated assets. If your user access is application-scoped, you can create policies only within your assigned scope. All other steps remain unchanged.
Note
Application-scoped policies apply to both code and CI/CD configuration policies.
Navigate to → → → .
Configure the General and Conditions steps of the wizard.
On the Scope step of the wizard.
Select Asset Types as the scope.
Select → → .
Click .
Complete the remaining steps in the wizard to create the policy.
The policy is displayed in the general AppSec Policies table, which reflects your application scope, displaying only the policies associated with applications you can access. Users with broader permissions can filter by Business Application Names to find application-scoped policies.
For more information about creating Cortex Cloud Application Security policies, refer to Create Cortex Cloud Application Security policies.