Project Rule Attribute
Define policies for projects in your Scantist platform
Project-level Policy Rules
Once the policies for components, vulnerabilities, and licenses are established, project-level policy rules can be applied based on attributes such as the number of denied, flagged, and approved components, vulnerabilities, and licenses. These rules can be used to enforce compliance and ensure that projects meet the organization's security and legal requirements.
❌
You may want to deny a project with a high number of denied or flagged vulnerabilities.
Such projects require additional attention or resources to address security issues.
✅
You may want to approve a project with a high number of approved components and licenses.
Such a result indicates that the project meets the organization's security and legal standards and can proceed without further review.
Policy Rule | Description |
---|---|
Denied Vulnerability Count | Number of vulnerabilities that have been denied for the project |
Flagged Vulnerability Count | Number of vulnerabilities that have been flagged for the project |
Approved Vulnerability Count | Number of vulnerabilities that have been approved for the project |
Denied Component Count | Number of components that have been denied for the project |
Flagged Component Count | Number of components that have been flagged for the project |
Approved Component Count | Number of components that have been approved for the project |
Denied License Count | Number of licenses that have been denied for the project |
Flagged License Count | Number of licenses that have been flagged for the project |
Approved License Count | Number of licenses that have been approved for the project |
⚠
For each of these policy rules, you can set up specific thresholds for what is considered acceptable or not acceptable. For example, you may decide that any project with more than 5 denied vulnerabilities or more than 10 denied licenses is not compliant and requires further review.
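
The threshold logic described above, sketched as an added example for use in something like a CI gate (this is not Scantist's code or rule format). The snake_case attribute keys, the `Rule` and `evaluate` names, the approve/flag/deny actions, the most-restrictive-wins precedence, the approved-component threshold of 50 and the sample counts are all assumptions constructed here.

```python
# Added illustration: not Scantist's rule engine or rule format.
from dataclasses import dataclass
import operator

STATUSES = ("denied", "flagged", "approved")
KINDS = ("vulnerability", "component", "license")
# The nine attributes from the table, as hypothetical snake_case keys.
ATTRIBUTES = {f"{s}_{k}_count" for s in STATUSES for k in KINDS}
OPS = {">": operator.gt, ">=": operator.ge, "<": operator.lt, "<=": operator.le}
# Assumed precedence: the most restrictive matching action wins.
SEVERITY = {"approve": 0, "flag": 1, "deny": 2}

@dataclass(frozen=True)
class Rule:
    attribute: str
    op: str
    threshold: int
    action: str  # "approve", "flag" or "deny"

    def __post_init__(self):
        if self.attribute not in ATTRIBUTES:
            raise ValueError(f"unknown attribute: {self.attribute}")
        if self.op not in OPS or self.action not in SEVERITY:
            raise ValueError(f"bad operator or action in rule on {self.attribute}")

def evaluate(counts, rules, default="flag"):
    """Return (decision, matched_rules) for one project's counts."""
    missing = {r.attribute for r in rules}.difference(counts)
    if missing:
        # Fail closed: a count that was never reported must not read as zero.
        raise KeyError(f"missing counts: {sorted(missing)}")
    matched = [r for r in rules if OPS[r.op](counts[r.attribute], r.threshold)]
    if not matched:
        return default, []  # assumed default: send unmatched projects to review
    decision = max(matched, key=lambda r: SEVERITY[r.action]).action
    return decision, matched

# Thresholds from the example above, plus one constructed approval rule.
RULES = [
    Rule("denied_vulnerability_count", ">", 5, "deny"),
    Rule("denied_license_count", ">", 10, "deny"),
    Rule("approved_component_count", ">=", 50, "approve"),
]

# Constructed sample counts for one project.
SAMPLE = {"denied_vulnerability_count": 6, "denied_license_count": 2,
          "approved_component_count": 80}

if __name__ == "__main__":
    decision, matched = evaluate(SAMPLE, RULES)
    print(decision, [r.attribute for r in matched])
```

Because a deny match outranks an approve match, a project with many approved components is still denied once it crosses a denied-vulnerability threshold.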