Skip to content

Logic Enhancement within Policy Creation #4866

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
2 tasks done
robotsalesmenDS opened this issue Apr 22, 2025 · 0 comments
Open
2 tasks done

Logic Enhancement within Policy Creation #4866

robotsalesmenDS opened this issue Apr 22, 2025 · 0 comments
Labels
enhancement New feature or request

Comments

@robotsalesmenDS
Copy link

Current Behavior

Image

In the image above we are trying to write a policy that "FAILs", if these conditions exist. Our goal is to make RULE this applicable across all projects.

  "IS" "Critical 
  
  OR 
  
  "IS" "High" 
  
  OR
  
  "IS NOT" "CVE-2018-2225"

It appears we cannot do this because the "Vulnerability ID" "CVE-2018-20225" is "Critical" also.

Proposed Behavior

Can we add a feature that adds more granularity to the "Vulnerability ID"?

Checklist
@robotsalesmenDS robotsalesmenDS added the enhancement New feature or request label Apr 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@robotsalesmenDS