
How To View Security Posture Compliance in Netskope

Summary: Netskope SaaS Security Posture Management compliance can be viewed by following these instructions.


Article Content


Instructions

Netskope SaaS Security Posture Management (SSPM) continuously audits all the Software as a Service (SaaS) resources to identify compliance rule violations. The Security Posture page provides the status of the checks on all the compliance rules and SaaS resources.


Affected Products:

  • Netskope

Affected Versions:

  • Release 86 and Later

SaaS Security Posture Management is a new service that gives an organization insight into the security posture of its SaaS applications.

To view security posture compliance:

  1. In a web browser, go to the Netskope web console:
    • United States Datacenter: https://[TENANT].goskope.com/
    • European Union Datacenter: https://[TENANT].eu.goskope.com/
    • Frankfurt Datacenter: https://[TENANT].de.goskope.com/
    Note: [TENANT] = The tenant name in your environment
  2. Log in to the Netskope web console.
  3. From the home page, click API-enabled Protection.
  4. In the API-enabled Protection menu under COMPLIANCE, click Security Posture.
  5. The Security Posture page loads and displays the current assessment of your SaaS environments.

Note: The Security Posture page provides the last updated date and time in Coordinated Universal Time (UTC).

The Export button exports the data on the Security Posture page into a CSV file for offline access. You can export all displayed columns or select specific columns, export either all or some rows, and provide the CSV file name.

The view can be switched between Raw Findings, Rules, and Resources to view the audit results. All three views may also have a Filter applied. Raw Findings and Rules views may have Rule Details displayed. Click the appropriate task for more information.

Raw Findings

The Raw Findings tab allows you to view the compliance findings of your rules and resources. This page provides an aggregated list of all the rules and resources that have failed, passed, been remediated, or been muted. To mute or unmute rules, select the check box beside one or more rules.

The Raw Findings tab displays the following information:

  • Has Error: Rules that have errors.
  • Status: Status of the rule when checked against the resource. If the resource contains rule violations, the rule status shows Failed.
  • Profile: The name of the profile against which the rule is checked.
  • Policy: Name of the security posture policy.
  • Severity: The level of severity of the violation. There are four levels: Critical, High, Medium, and Low.
  • Cloud Provider: The cloud service provider. Netskope provides security for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Microsoft 365, GitHub, and Salesforce.
  • Instance Name & ID: Name of the SaaS account instance and ID.
  • Region Name: The location of the account.
  • Resource Category: The SaaS resources category.
  • Resource Type: The SaaS resource type.
  • Failing Since: The date since which the rule has been failing.
  • Muted: Whether the rule is muted.
  • Compliance Standard: Gives a brief description of the rule.
Note: By default, the Raw Findings page displays Status, Rule Name, Severity, Resource Name, Cloud Provider, Instance Name & ID, Resource Category, and Resource Type.
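
One way to triage a Raw Findings CSV produced by the Export button, added here as an example and not part of the original article or Netskope's tooling. The CSV header names, the Yes/No encoding of Muted, and the sample rule and resource names are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Severity levels named in the article, most severe first.
SEVERITY_ORDER = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3}

# Constructed sample standing in for a Raw Findings export. Header names and
# the Yes/No values for Muted are assumptions, not a documented export format.
SAMPLE_EXPORT = """\
Status,Rule Name,Severity,Resource Name,Cloud Provider,Muted
Failed,Require MFA for admins,Critical,admin-group,Microsoft 365,No
Failed,Require MFA for admins,Critical,ops-group,Microsoft 365,No
Failed,Branch protection enabled,High,repo-payments,GitHub,Yes
Passed,Branch protection enabled,High,repo-web,GitHub,No
Failed,Session timeout configured,Medium,org-sales,Salesforce,No
Failed,Password expiry set,Low,org-sales,Salesforce,Yes
Failed,Guest sharing restricted,High,sharepoint-hr,Microsoft 365,No
"""

def load_findings(text):
    """Parse export text into dicts, trimming stray whitespace around cells."""
    reader = csv.DictReader(io.StringIO(text))
    return [{k.strip(): (v or "").strip() for k, v in row.items() if k}
            for row in reader]

def triage(rows):
    """Return (open queue ranked by severity, muted Critical/High failures)."""
    open_by_rule = defaultdict(list)
    muted_review = []
    for row in rows:
        if row["Status"].lower() != "failed":
            continue  # passed checks need no action
        if row.get("Muted", "").lower() == "yes":
            # A muted failure is still a failure; surface the severe ones.
            if row["Severity"] in ("Critical", "High"):
                muted_review.append(row)
            continue
        open_by_rule[(row["Severity"], row["Rule Name"])].append(row["Resource Name"])
    # Most severe first, then rules affecting the most resources, then by name.
    queue = sorted(open_by_rule.items(),
                   key=lambda kv: (SEVERITY_ORDER.get(kv[0][0], 99), -len(kv[1]), kv[0][1]))
    return queue, muted_review

if __name__ == "__main__":
    queue, muted_review = triage(load_findings(SAMPLE_EXPORT))
    for (severity, rule), resources in queue:
        print(f"{severity:8} {rule}: {', '.join(resources)}")
    for row in muted_review:
        print(f"REVIEW MUTE: {row['Severity']} {row['Rule Name']} on {row['Resource Name']}")
```

To run it against a real export, replace `SAMPLE_EXPORT` with the file's contents and adjust the header names to match the columns selected at export time.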

Rules

The Rules tab displays information about rules compliance.

The Rules tab displays the following information:

  • With Errors: The total number of rules with errors.
  • Rules Failed: The total number of compliance rules that failed against a resource.
  • Rules Passed: The total number of compliance rules that passed against a resource.
  • Total Rules: The total number of compliance rules checked against a resource.
  • Status: Status of the rule when checked against the resource. If the resource contains rule violations, the rule status shows Failed.
  • Name: The compliance rule name.
  • Severity: The level of severity of the violation. There are four levels: Critical, High, Medium, and Low.
  • Resource Category: The SaaS resources category.
  • Resource Type: The SaaS resource type.
  • Cloud Provider: The cloud service provider. Netskope provides security for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Microsoft 365, GitHub, and Salesforce.
  • # Failed Resources: The total number of resources that failed the compliance rule.
  • # Unknown Resources: The total number of unknown resources.
  • # Passed Resources: The total number of resources that passed the compliance rule.
  • # Total Resources: The total number of resources checked against a compliance rule.
Note: By default, the Rules tab displays Status, Name, Severity, Resource Category, Cloud Provider, # Failed Resources, # Passed Resources, and # Total Resources.

Resources

The Resources tab displays information about the SaaS resources.

The Resources tab displays the following information:

  • With Errors: The total number of resources with errors.
  • Status: Status of the resource when checked for compliance. If the resource contains rule violations, the resource status shows Failed.
  • Name: The resource name.
  • Region: The location of the account.
  • Resource Category: The SaaS resources category.
  • Resource Type: The SaaS resource type.
  • Cloud Provider: The cloud service provider. Netskope provides security for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Microsoft 365, GitHub, and Salesforce.
  • Account: The account name of the SaaS service.
  • # Failed Rules: The total number of compliance rules that failed against a resource.
  • # Unknown Rules: The total number of unknown rules.
  • # Passed Rules: The total number of compliance rules that passed against a resource.
  • # Total Rules: The total number of compliance rules checked against a resource.
Note: By default, the Resources tab displays Status, Name, Resource Category, Account, # Failed Rules, # Passed Rules, and # Total Rules.

Filters

By default, the Raw Findings, Rules, and Resources pages display the latest audit results. You can choose to view the results for a specific date.

  1. Click the Time drop-down and either:
    • Select Latest Result and then go to Step 3.
    • Select As of Date to select a specific date and then go to Step 2.
  2. Specify the date and time in the date picker and then click Apply.
  3. Record the audit result findings.

Audit results can be filtered by selecting Resource Category, Tags, and Cloud Provider. To further narrow the results on the page, click Add Filter and select an option from the list.

You can choose to filter based on the following options.

  • Status: Select Failed or Passed.
  • With Error: Select Yes or No.
  • Muted: Select Yes or No.
  • Last Remediation Status: Select None, Started, Completed, or Error.
  • Remediated By: Select Auto-remediation or On-demand remediation.
  • Rule name: Select Rule Name and enter a rule name in the search field.
  • Profile: Select a security assessment profile from the list.
  • Policy: Select a security assessment policy from the list.
  • Severity: Select a severity level. There are four levels: Critical, High, Medium, and Low.
  • Compliance Standard: Select or search for a compliance standard. For example, NIST-CSF-1.1.
  • Resource Name: Select Resource Name and enter a resource name in the search field.
  • Netskope Resource ID: Select Netskope Resource ID and enter a resource ID in the search field.
  • Account: Select Account Name and enter an account name in the search field.
  • Region: Select Region and select a region from the list or enter the region in the search field.

Rule Details

You can click a rule in the rules table in the Rules or Raw Findings pages to view detailed information about the rule. The Rule Detail window provides a description of the rule.

The window contains the following tabs:

  • Definition: The rule syntax defining the predefined or custom rule. Custom rules can be defined using Domain Specific Language.
  • Remediation: The remediation action to be performed to remediate the violation. Some rules also provide manual steps to remediate the violation.
  • Compliance: The various compliance standards that the rule satisfies. This tab provides the compliance standard, section, control, and description of the rule defined in the compliance standard's documentation.
  • Other: Displays the rule description, the service the resource uses, and the rule type (custom or predefined).

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

 


 

Article Properties


Affected Product

Netskope

Last Published Date

22 Nov 2023

Version

5

Article Type

How To