Introduction
Learn how to write custom security policies to meet the special needs of your organization
Policies are the specifications that cnspec uses when it scans an asset. cnspec compares an asset's configuration against the standards set in policies and calculates a score based on the comparison. Scores tell you how secure each asset is and let you track progress as you improve your security posture.
Mondoo provides dozens of free policy bundles (collections of policies) that cover the most common asset types, and Mondoo Platform offers many more. If your organization has unique needs that these bundles don't meet, you can create your own.
Read these topics to learn how to build your own policies:
- Write Custom Policies
- Score Policies
- Reuse Queries and Checks
- Break up a Policy into Groups / Chapters
- Limit Target Assets with Filters
- Define Properties
- Make Policies Flexible with Variants
The queries and checks that policies use to retrieve information from your infrastructure are written in MQL (Mondoo Query Language).
- Learn how to write MQL queries and checks.
- Browse all the resources from which MQL can retrieve information.