Contents x
    Create and edit custom risks rules
    • 28 Feb 2024
    • 1 Minute to read
    • Print
    • PDF
    Contents

    Create and edit custom risks rules

    • Updated on 28 Feb 2024
    • 1 Minute to read
    • Print
    • PDF
    Article summary

    This article describes how to do the following:

    • Create custom risk rules from any search in the inventory and save them.
    • Edit the severity of risk rules and disable out-of-the-box (OOB) risk rules as needed.
    • Manage and distinguish between custom and system-generated risk rules.

    Create a custom risk rule

    There are two options to create a custom risk:

    Option 1

    In the Prisma Cloud DSPM side menu, click Inventory to open the Inventory window, and then proceed to step 4 below.

    Option 2

    1. In the Prisma Cloud DSPM side menu, click Risks. The Risks Overview tab opens by default.

    2. In the Custom Risk thumbnail click Create.
    3. In the pop-up, click Go to Inventory to open the Inventory window.
    4. In the custom risk rules field, specify the rules for the custom risk. For example, create a custom risk to view developer secrets that are open to the world.

    5. Click Create Custom Risk. 

    6. In the New Custom Risk drawer, do the following:
      1. Give a meaningful name to the risk.
      2. Enter a description for the risk.
      3. Specify the severity of the risk.
      4. Specify if the risk affects security and/or compliance.
      5. Click Create to create the custom risk. Note that it takes approximately 15-minutes for Prisma Cloud DSPM to identify the risk findings associated with the new custom risk.

    7. After creating a custom risk, its thumbnail appears in the Risks Overview tab.
      • A custom risk thumbnail is denoted by the word Custom to distinguish it from out-of-the-box risks.
      • The number on the thumbnail indicates the number of risk findings associated with the custom risk rules.

    Edit a custom risk rule

    1. In the Prisma Cloud DSPM side menu, click Risks. The Risks Overview tab opens by default.
    2. Navigate to the custom risk you want to edit.
    3. Click the Settings icon, located at the top right of the thumbnail, to open the custom risk’s drawer.

       
    4. Edit the custom risk as required. For example, change the severity level, or stop creating risk findings for the custom rule.
    5. Click Save.

    Delete a custom risk

    1. In the Prisma Cloud DSPM side menu, click Risks. The Risks Overview tab opens by default.
    2. Navigate to the custom risk you want to delete.
    3. Click the Settings icon, located at the top right of the thumbnail, to open the custom risk’s drawer.
    4. In the custom risk drawer, click Delete this risk.
    5. When prompted, click Remove. The custom risk is deleted from Prisma Cloud DSPM.
    Was this article helpful?
    What's Next

    Can’t find what you’re looking for?

    Let us know what you need at support@dig.security and we'll help you as soon as possible