Viewing CSPM security control rules and related violations
Note
This feature is in the Preview stage. To get access, contact tech support or your account manager.
The CSPM module's security control rules are used in the Security Deck workspaces. If you have no workspaces yet, create one.
Viewing general information about security control rules
To view general information about the CSPM module's current security control rules and related violation cases:
-
Go to Yandex Security Deck.
-
In the left-hand panel, select Control rules.
-
At the top of the window, click More and select the workspace for which you want to view the rule info. Use search, if required.
-
On the Security control rules page that opens, go to the Configuration tab. The section that opens lists the control rules that form a part of the security standards specified for the current workspace.
For each rule, the table displays the following information:
Tip
If you need to, you can change the info columns displayed in the table. Do it by clicking in the row with the table column headers, selecting the info columns you need, and clicking Apply.
-
: Rule criticality level. This icon indicates how security-critical the rule is:
- : Remark
- : Low severity
- : Medium severity
- : High severity
-
Control rule: Rule name and brief summary. To learn more about a rule, click the table row with its name.
-
Rule sets: Icon(s) for the security standards that are using this rule. If the icon is colored, it means the rule is checked for the corresponding standard. If the icon is gray, it means it is not.
-
Verification method: How the infrastructure controlled in the workspace is checked for compliance with this rule:
automatic: Rule is checked automatically once every eight hours.manual: Manual check of rule compliance is required. Click the row with the rule to find a guide and details.
-
ID: Rule ID in Yandex Cloud.
-
Violations: Number of rule violations detected.
-
Viewing detailed information about security control rules
To view detailed information about a specific security control rule of the CSPM module:
- Go to Yandex Security Deck.
- In the left-hand panel, select Control rules.
- At the top of the window, click More and select the workspace for which you want to view the rule info. Use search, if required.
- On the Security control rules page that opens, go to the Configuration tab. The section that opens lists the control rules that form a part of the security standards specified for the current workspace.
-
To learn more about a security control rule, click the table row with its name. The detailed info window that opens includes the following tabs:
OverviewViolationsExceptionsRecommendationsIn addition to the data shown in the general rule info table, the Overview tab contains:
- Date and time of the most recent security check.
- Details on the monitored features, their configurations, or actions performed with them.
The Violations tab lists security violations detected during checks. Detected violations will not appear in this list if they satisfy the exception criteria specified for the rule.
The Exceptions tab lists all exceptions defined for the rule along with controls for exception management.
The Recommendations tab provides guides and solutions to help you perform the actions required by the rule.