View ZeroNorth Policies

ZeroNorth Experts
1

As a zn OPS user, go to zn OPS > Policies :

image
image1260×654 215 KB

View Policies Screen

  • The upper portion shows a tally of Policies by category .
  • The middle portion shows Policy counts by Scenarios , by Integration Types , and by Target . You can hover your pointer over the charts for details.
  • The lower right portion lists the individual Security Policies. The list is sorted by their last edited date/time, most recent first.
  • Each Policy in the list shows the following details:

image
image712×182 8.83 KB

Policy Report Options

The following Reports are available at the Policy level. The actual list of available reports will vary based on the specification of the Policy:

  • View Scan Issues - List of Issues detected in the most recent Scan job of the Policy.
  • View Inventory - For those Policies that utilize Code Composition Analysis scanners, an inventory of the dependencies.
  • View Events - List of Events from the most recent Scan job of the Policy.
  • Issues Report - A PDF report of all issues outstanding for the Policy.
  • Code Red - A PDF report of only the Critical issues outstanding for the Policy.
  • Code Security - A PDF report of only the Code Security category of issues outstanding for the Policy.
  • Application Security - A PDF report of only the Application Security category of issues outstanding for the Policy.
  • Composition Analysis - A PDF report of issues related to dependencies.
  • Burp - For those Policies that utilize the Burp scanner, the native HTML report of the scan results. This report is presented in addition to the usual summary of Issues.

Policy Menu Options

The available menu options for each Policy are:

  • Run Now - Executes the scan associated with the Policy. This option is not available for those policies that depend on external trigger mechanisms.
  • Refresh - Forces a refresh of the Policy status display. This action is normally not required as the screen refreshes automatically.
  • Edit - Edit/modify the details the Policy.
  • Archive - Permanently archive the Policy. Scan history of archived Policies can still be viewed in zn Hub .
  • Duplicate - Make a copy of the Policy and then bring it up in Edit Policy screen.
  • Copy Policy ID - Copy the 64-bit GUID of the Policy into your clipboard. This is useful for using it as a filter in some screens.

Examining a Failed Scan

Sometimes, a Policy run may fail. A failed scan run record looks like this:

image
image710×133 6.07 KB

In many cases, examining the Events Log of a failed Policy run may provide the reason for the failure:

image
image1335×662 61.2 KB

In some cases, the cause of the failure may not be clearly indicated in the Events Log, in which case, please, contact ZeroNorth Support.