You can manage Cortex Cloud Application Security detection rules to customize and optimize your security configurations according to your specific needs and preferences: On the AppSec Rules inventory, → :
UI workflow
On the AppSec Rules inventory, → :
: Opens the Edit Rule wizard, allowing you to manage existing rules
: Opens the selected rule in a New Rule dialog box, allowing you to save a copy of the rule. This allows you to customize default rules according to your requirements
API workflow
Use the Modify rule and Delete rule API operations to integrate rule lifecycle management into your automated pipelines.
Bulk labeling and organization: Apply labels programmatically using the
Modify rule operationto organize rules by team, compliance framework, or business unitOOTB vs. custom constraints: When automating rule management, note that custom rules accept modifications to all fields (name, severity, frameworks and so on). OOTB rules are maintained by Cortex Cloud and cannot be deleted; they only accept label modifications via the API
For information on managing endpoints, refer to Manage AppSec rule API documentation.