Manage Your Rulesets

A ruleset tells us which events should trigger alerts. We provide the "Initial Ruleset" to help you get started. You can use this one or create your own.


The Manager role has all the permissions to create, edit, view, and delete rulesets. The Reader, Unit Manager, and Remediation user roles have permission to view rulesets.

How to configure a new ruleset

Go to Configuration > Rulesets and click New Ruleset. Give the ruleset a name, a description, and then add rules. You do this by choosing the rule type on the left and dragging it to the right, then you set rule criteria. To add additional criteria to any rule, click the Add Criteria link. For example, add host criteria to a vulnerability rule if the rule only applies to certain hosts. Learn more

How are rules evaluated?

We evaluate rules against your most recent vulnerability scans. Alerts are generated as soon as scan results are processed. Certificate rules for expired or expiring certificates are evaluated daily and are not based on scans.

Looking for a ruleset?

The search area above the list allows you to search for rulesets by keywords in the title and description. Click to select specific search criteria or use the search field to set up a search query.