Policy severity levels

  • Last update on September 30th, 2024

Understanding severity

Not all policies are equal. While each policy is designed to protect your environment, the specific aspects they monitor can have an extremely different impact on your tenant's health and safety. For this, we have introduced different levels of severity to categorize all of your policies, giving you a clearer, at-a-glance idea of when urgent action may be needed. The severity levels are:

  • Critical: these policies, when violated, will have a significant impact on the health of the tenant. They are marked with a red danger icon to attract your attention and prompt fast intervention.
     
  • Warning: these policies have an impact on the health of your tenant, but their violation doesn't put your environment at immediate risk. They are marked with a yellow danger icon and you should look into remediating them as soon as possible.
     
  • Informational: these policies are there for reporting purposes and any violations won't put your environment at risk. They are marked with a blu info icon.

Please note that Informational policies are not displayed in the “Overview” dashboard widget to allow you to focus on more important elements, but they are still part of the calculated compliance score.

 

Out-of-the-box policies

CoreView's out-of-the-box policies will come with a predefined severity level, which cannot be modified. However, you will still be able to modify the policy threshold

The severity level of CoreView policies cannot be edited.

Custom policies

You are required to set the severity level for your custom policies. If necessary, you will be able to edit the severity level at a later stage.

A severity level must be assigned to custom policies.

When you set a policy severity level to “Informational,” applying a threshold becomes optional. However, for custom policies marked as “Critical” or “Warning,” entering a threshold is mandatory. In this case, the “Apply violation threshold” checkbox will be enabled by default.

A violation threshold is required for Critical and Warning custom policies.

Starting October 1st, 2024, with the introduction of severity levels, all existing custom policies will initially be given a warning status. This measure aims to avoid any misprioritization. You'll have the flexibility to adjust these settings as needed. We strongly suggest updating the severity level of your custom policies where necessary at your earliest convenience.

 

Policy severity levels in Playbook dashboards

Within the Playbook dashboard, policies are categorized according to their severity levels: critical, warning, and informational. The final tab aggregates policies deemed compliant, regardless of their original severity level. To explore policies within a particular category, just click on the relevant tab. If no specific tab is selected by default, all active policies will be shown in a list, organized from critical to compliant.