You can associate custom compliance controls with workload security and cloud security rules to tailor compliance checks to your organization's needs. You can do this when creating a rule (custom rules only) or when editing a rule (both custom and out-of-the-box rules).
Note: Custom rules can only be associated with custom compliance controls.
The following table summarizes which rule types can be associated with custom compliance controls:
| | OOTB rules | Custom rules |
|---|---|---|
| Cloud workload rules | N/A | When creating or editing custom cloud workload rules, you can associate custom compliance controls with them. |
| Cloud security rules. Note: You can only associate custom compliance controls with the following cloud security rule types: Config, Identity, AI. | You can edit existing out-of-the-box cloud security rules and associate custom compliance controls with them. | When creating or editing custom cloud security rules, you can associate custom compliance controls with them. |
How to add a custom detection rule to a custom compliance control
When creating or editing a cloud workload or cloud security rule, you can associate a custom compliance control with it.
1. Navigate to Posture Management → Rules & Policies → Rules → Cloud Workload or Cloud Security.
2. From here, you can do the following:
   - Click Create Policy to create a new policy.
   - Search for an existing rule, click it, and then select Edit from the menu.
3. In the Overview → Compliance Controls field, click Add to add compliance controls to the rule:
   - Click Add, select one or more custom compliance controls from the list, and then click Assign.
After you have saved the changes, the custom detection rule is assigned to the custom control.