Create Folders in Custom Policy Builder

Is there a way to add your own “folders” to a policy? I’m not sure if that’s the proper term for what I’m talking about, but for instance, if I clone and edit “CIS Microsoft Windows Server 2016 RTM (Release 1607) Benchmark Level 2 - Member Server” I see 6 folders in a tree type hierarchy.

    1. Account Policies
    1. Local Policies
    1. Windows Firewall With Advanced Security
    1. [etc]

Each of these might contain sub-folders. In my example, “1. Account Policies” contains “1.1. Password Policy” and “1.2. Account Lockout Policy”.

So my goal is to add to this policy, I want to check if certain software is installed property (e.g. antivirus), so I can add a registry check to look for the correct registry keys, and then a service check to make sure the service is running, and a file check to make sure the configuration XML file is present. I want to group all of these into their own folder/subfolders. I may want to create something like:

    1. Software Check
    • 20.1. Antivirus
    • 20.2. EDR Solution

etc. This way I don’t have a bunch of loose policies floating around under the top level “Policy Rules” folder. I want to organize things, but I don’t see any way of doing this.

Sorry for the long example or if I’m missing something obvious. Does anyone know how to create folders like this, and then move rules into them?

I don’t believe this is an option in InsightVM’s custom policies as they currently stand. I think you could technically copy an existing policy, then edit/delete the existing rules and create your own to try to work within that policy’s hierarchy to organize things. But I know that’s not the greatest option.

I went ahead and submitted an idea for this to the team, using the examples you’ve given here to demonstrate how folks would want to use it. :+1:

Thank you Holly, that’s what I was afraid of. I think I did try to copy a policy and add rules (it’s been a few days now), and they were added to the top level, not into the folder I wanted. I think i could do an export and manually edit the JSON, then re-import, but honestly, it’s too much trouble at that point. I appreciate you submitting this as an idea. If you hear any different news, please let me know, but I’ll mark this as the solution for now.

1 Like