Posture Policies

This page introduces Sysdig posture policies and the requirements and controls that comprise them, providing the conceptual background needed to create, edit, and apply compliance policies in your own environment. Posture Policies allow you to onfigure what is being evaluated by the Compliance feature in the context of compliance standards (CIS, NIST, etc.).

In addition:

  • Search for the policies that match your organizations’ needs
  • Create your own custom policies, configure controls that are linked to each requirement
  • Review the policy structure and the controls connected to it
  • Enable/disable controls on all policies
  • Filter controls by enablement status, violation severity, name, and control type

Prerequisites

This feature requires the current Compliance component.

See also:

Because we add new policies regularly, check in the product itself to see the comprehensive list of included postures policies.

  1. Select Policies > Posture | Policies.

  2. Review the Policy list. The included policies are listed alphabetically.

    • Policy Name/Description: The full policy name and description, in accordance with naming used by, e.g., the Center for Internet Security (CIS). Click the arrow to link directly to the relevant standards website.

    • Zones: Zones where this policy has been applied. Apply a policy to a zone to show compliance results against the policy in the compliance page.

    • Version: This column lists the version of the standard published. Not to be confused with the version, e.g., of Kubernetes, listed in the policy name.

    • Date Published: Date the policy was published. Until officially published, a policy under development is in Draft state.

    • Author: Sysdig for default policies; creator name for custom policies

  3. Click a row to open the individual policy page.

Filter

You can search/filter the Posture Policies list by:

  • Free-text search for keywords
  • Published/Draft status
    • Policies published by Sysdig will display a Date Published.
    • Custom policies can be in Draft state until the author publishes them. See Create a Custom Policy.

Next Steps

Manage Posture Policies

Manage Posture Controls