Set Assess rules
To view a list of all rules applied, select Applications > Your application name > Policy > Assess or under the user menu, select Policy management > Assess rules. Each rule is listed with a severity and description, as well as an indicator of which environments it applies to.
You can also set the default Assess rules for an organization.
Ensure that you have an Organization Administrator or RulesAdmin role.
Log in and select the correct organization.
Apply Assess rules and settings:
To apply Assess rules to particular environments for applications:
When viewing the list of rules under Applications, use the toggles to turn each rule on or off for each environment. You can also use the checkboxes in the left column to select multiple rules, then select Change Mode to apply them. In the window that appears, toggle the rules on or off for each environment and select Done.
Alternatively, under Policy management > Assess rules, select a rule to see a list of applications that are associated with that rule. Use the toggles to turn rules on or off for each application.
To update settings for individual Assess rules:
Under Policy management, select the name of rule to show a list of applications associated with the rule.
To select one or more applications, select the check box next to each application.
To select all applications, select the Application check box.
Select the settings icon ( ) in the top right.
In the window that appears, select the Likelihood, Impact and Confidence Level of the vulnerabilities for which this rule is intended.
Optionally, select the checkbox to Override to enable this option to update these fields after the configuration is saved.
In the Risk Description field, enter additional information regarding potential consequences of exposure to this vulnerability. You can also provide a Recommendation
In the References field, enter a link to an external reference related to the specific vulnerability to provide more context for the rule.
Select Save.