Bitdefender Completes Acquisition of Horangi Cyber Security
logo

EN

Products +

Services +

Customers +

Partners +

Resources +

Careers
Sign InContact Us
Release Notes
Cloud Security

Gain Granular Control of Policies With Enhanced Rule Configuration in Warden

Rule configuration just received a major upgrade in Warden CSPM. With these added features, you can now add custom-rules for more organization specific alerts. Read more below!

timothy sohTimothy SohDec 8 2021

Rule configuration just received a major upgrade in Warden CSPM. On top of enabling or disabling Warden rules, you can now tailor-fit existing rules to your organization-specific security needs. This allows Warden to reflect a security risk profile that reflects your organization’s policies.  

 With enhanced rule configuration, you can now:

  • Change any rule’s default severity to reflect your organization’s real security posture, based on your needs.
  • Customize certain parameters for specific rules. For example, you can now configure rules to ensure users are only accessing from a certain location or from specific IP address ranges your organization uses.

Default Severity

Users can change the default severity of the rule Configure Geolocation Access Control (Blacklist) for WAF` from Low to Critical and better reflect your organization's security policy, like in the image below:

custom rules in Warden CSPM

 As an example, an organization might decide to have several Lambda Functions of the same service, they might share the same IAM Role as part of its Engineering Policy for ease and speed of development. If so,  you can now change the severity of the related rule under IAM Role Attached to Multiple Lambda Functions from the default value from High to Low and better reflect your organization's security concerns.

 Conversely, if IAM SSL/TLS Certificates are heavily used by engineers for accessing critical resources, then you can change the severity of the related rule like ‘IAM Expired SSL/TLS Certificate Found’ from the default value of Low to High, so that you get a prioritized alert when the IAM SSL/TLS Certificate has expired. 

Customizable Rule Parameters

Enhanced Rule Configuration in Warden now allows you to add the following parameters to rules:

Specific Geographical Locations

IP range

Users can define specific geographical locations that should be included to be whitelisted for Huawei Web Application Firewalls, as shown in the image below:

Huawei cloud rules in Warden

  P.S. Currently, custom rule parameters are only available for the following Huawei Cloud rules:

  • Configure Geolocation Access Control (Blacklist) for WAF
  • Configure Geolocation Access Control (Whitelist) for WAF
  • Enabling Access Control for an ELB Instance

 Our team is working diligently and users can expect rule configurations to be expanded to more rules in the coming months. 

Conclusion

As organizations adopt a multi-cloud strategy, there is a greater need to look beyond native cloud security tools that provide holistic coverage across clouds. With these new rule enhancements  added to Warden’s growing stack of resources, Warden is better equipped to provide excellent coverage for the big 5 cloud providers, with greater visibility and monitoring than ever before. To stay updated with the latest additions to Warden’s features, you can visit our blog. You can also fill up this form to schedule a customized 15-min demo to see how Warden can help with all your cloud security needs.

timothy soh
Timothy Soh

Timothy Soh is a Tech Lead at Horangi, working on cloud security and compliance on Warden. He is passionate about cloud technologies and cloud cybersecurity.

Subscribe to the Horangi Newsletter.

Be the first to hear about Horangi's upcoming webinars and events, up-and-coming cyber threats, new solutions, and the future of cybersecurity from our tech experts.