Before you create security controls, review the taxonomy outlined below. It helps you map your existing controls to this official schema.
This taxonomy requires four mandatory attributes for every control:
- Name (unique): The human-readable name (e.g., "Palo_Alto_NGFW_Datacenter").
- Category: The high-level security domain that the Security Control belongs to. See table below for possible values.
- Type: The specific security control capability, which is dependent on the Category.
- Vendor: The vendor that provides the security control as shown in the table below.

| Control Category | Control Type |
|---|---|
| Network Security | Network Firewall, Next Generation Firewall, Web Application Firewall, Intrusion Prevention System, Virtual Private Network |
| Endpoint Security | Endpoint Detection and Response, Extended Detection and Response, Anti-Virus, Host Based FW |
| Data Security | Virtual Private Network, Disk Encryption, Data Loss Prevention, Database Activity Monitor |
| Identity Security | Multi-factor Authentication, Single Sign-On, Privilege Access Management |
| Other | Text String (4 chars min, 256 chars max) |

Tip
Take an inventory of your top 10-15 security controls, check which ones need to be manually added into the Cortex Platform and use the taxonomy to map them into the system.
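
To pre-check an inventory before entering it, the following added example (not Cortex code and not part of the original page) validates a CSV of controls against the taxonomy above. It assumes the column names `name`, `category`, `type`, `vendor`, that for the Other category the type is the free-text string of 4 to 256 characters, and that the vendor only needs to be non-empty, since the page does not list vendor values.

```python
import csv
import io

# Category -> allowed Control Types, copied from the table on this page.
TAXONOMY = {
    "Network Security": {"Network Firewall", "Next Generation Firewall", "Web Application Firewall",
                         "Intrusion Prevention System", "Virtual Private Network"},
    "Endpoint Security": {"Endpoint Detection and Response",
                          "Extended Detection and Response", "Anti-Virus", "Host Based FW"},
    "Data Security": {"Virtual Private Network", "Disk Encryption",
                      "Data Loss Prevention", "Database Activity Monitor"},
    "Identity Security": {"Multi-factor Authentication", "Single Sign-On",
                          "Privilege Access Management"},
}
REQUIRED = ("name", "category", "type", "vendor")  # assumed CSV column names

def validate_inventory(csv_text):
    """Return a list of (line_number, message) for rows that do not fit the taxonomy."""
    problems, seen = [], {}
    for lineno, row in enumerate(csv.DictReader(io.StringIO(csv_text)), start=2):
        rec = {k: (row.get(k) or "").strip() for k in REQUIRED}
        missing = [k for k in REQUIRED if not rec[k]]
        if missing:
            problems.append((lineno, "missing " + ", ".join(missing)))
            continue
        first = seen.setdefault(rec["name"], lineno)  # names must be unique
        if first != lineno:
            problems.append((lineno, f"duplicate name (first seen on line {first})"))
        if rec["category"] == "Other":
            # Assumption: for Other, the type is free text of 4 to 256 characters.
            if not 4 <= len(rec["type"]) <= 256:
                problems.append((lineno, "Other type must be 4-256 characters"))
        elif rec["category"] not in TAXONOMY:
            problems.append((lineno, f"unknown category {rec['category']!r}"))
        elif rec["type"] not in TAXONOMY[rec["category"]]:
            problems.append((lineno, f"type {rec['type']!r} not valid for {rec['category']}"))
    return problems

# Constructed sample inventory; only the first control name comes from this page.
SAMPLE = """name,category,type,vendor
Palo_Alto_NGFW_Datacenter,Network Security,Next Generation Firewall,Palo Alto Networks
Laptop_Disk_Encryption,Endpoint Security,Disk Encryption,ExampleVendor
Palo_Alto_NGFW_Datacenter,Network Security,Network Firewall,Palo Alto Networks
Badge_Readers,Other,PAC,ExampleVendor
Corp_SSO,Identity Security,Single Sign-On,
"""

if __name__ == "__main__":
    print(*validate_inventory(SAMPLE), sep="\n")
```

The sample deliberately includes a type filed under the wrong category, a reused name, a too-short Other type and a missing vendor, so each check reports once.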