Elastic CSPM Azure Exclude resources from rules

willemdh · July 30, 2024, 12:36pm

Hello,

What we are missing in Elastic CSPM is a way to exclude resources from certain rules. Some rules are triggering on all resources, while these rules are not applicable to these resources.

For example:

Ensure the web app has 'Client Certificates (Incoming client certificates)' set to 'On'

For at least 80 % of our web apps it is not possible to use client certificates, as we cannot predict what clients need access.

This is just 1 example out of many.

Is it on some roadmap to add functionality which allows to exclude specific resources for specific CSPM rules instead of having to disable complete rule?

WillemD

smriti0321 · July 30, 2024, 2:01pm

Hi @willemdh,

Thanks for sharing your use case. As of today we only support disabling specific rules. I agree that resource exclusion will allow more control to users as we advance the CSPM offering. We will add it to our backlog and track it against other priorities.

Regards,
Smriti

system · August 27, 2024, 2:01pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.