Custom policy risks and recommendations
As with any software development, the upload or inclusion of security defects, whether through malice or genuine mistake, is always a concern. Because the Custom Policy Builder is used with both the Scan Engine and the Insight Agent, malicious content or defects uploaded in a custom policy have the potential for widespread impact across everything those components assess. Because of this risk, any modification to a custom policy should be treated as a component of your organization's software development life cycle program and reviewed thoroughly before use.
Recommendations
To minimize risks associated with the development of custom policies, it is recommended that organizations:
- Review roles that have access to custom policies.
  - Agent-Based Policy: Access is currently limited to Global Administrators.
  - Scan Engine Policy: Access is open to users with the appropriate console permissions and Global Administrators.
- Carefully review any custom policy prior to enabling it.
- Enable audit logging to track and view custom policy changes implemented by users.