Configure Tags in CSAM

Configure tags so you can apply them to assets in your subscription. This helps you to organize your assets and to manage user access to them. You can apply tags to IP addresses and web applications.

Complete the following steps to create a tag. You can also create tag sets.

1) Go to Tags and select Create Tag.

2) Enter the basic details and tag properties for your tag.

- Basic Details

Give your tag a name (up to 1024 characters).

Select Mark as Favourite to create the tag as a favourite. Favourite tags are displayed with a yellow star in the list.

Add a description for your tag (optional).

- Asset Criticality Score

This score represents the criticality of the asset to your business infrastructure.

- You can set the asset criticality score from 1 to 5. A score of 1 is the lowest criticality and 5 is the highest criticality that can be assigned to an asset.

- If you don't select an asset criticality score, the default asset criticality score of '2' is applied to that asset.

- If your asset has multiple tags that carry an asset criticality score, the criticality of the asset is the maximum criticality score among the tags. (For example, if asset 'A' has three tags with asset criticality scores 3, 4 and 2, then the asset criticality score of asset 'A' is 4.)

Note: You can change the criticality score of a tag, but the change is not applied to assets immediately. The changed criticality score is applied only after the next scan.

- Tag Properties

Color coding is a great way to organize tags. You can assign different colors to different tags.

When creating a child tag, you can select a parent tag from the existing tags in your account. To select an existing tag, click Select and then choose a tag from the Select Tags pop-up. You can enable the "Search within child" checkbox. This helps you when searching for parent tags on the Tags page; related child tags will appear.
You can also create a new tag to use as the parent. Click Create, and a similar form for creating a tag is displayed. You cannot create a new parent from this new tag.

3) Set up a dynamic tag type (optional). If there is no dynamic rule, then your tag will be saved as a static tag.

- Tag Type

There are two types of tags: Static and Dynamic. By default, a static tag is created. A dynamic tag allows you to define Tag Rules. Select the "Evaluate Rule on Creation" checkbox to evaluate the dynamic rule once it is created or updated.

- Tag Rules

The following rules identify the assets to which the tag is applied.

- No Dynamic Rule: Your tag will be a static tag.

- Asset Name Contains: Applies the tag when any part of the user-definable asset name contains the substring or substrings you enter. Add multiple substrings separated by the "|" (vertical bar) with no spaces before or after.

- Business Information: Applies tags to the assets with queried business information attributes.

- Asset Inventory: Applies the tag to assets from CyberSecurity Asset Management.

Note: Asset Inventory tag rules are available only if you have the following subscription:

- VMDR (Trial/Purchase) + GAV/CSAM (Trial/Full)

- Non-VMDR/VM + CSAM (Trial/Full)

- IP Address In Range(s): Applies the tag to assets with an IP in the range you enter (e.g. 172.31.254.0-172.31.254.25 or 172.31.254.0/25).

- IP Address In Range(s) + Network(s): Applies the tag to assets with an IP in the range and network you enter.

- Open Ports: Applies the tag to assets whose port listing matches the ports you enter (e.g. 80,123).

- Cloud Asset Search: Applies the tag to Amazon EC2, Microsoft Azure, and Google Cloud Platform instances matching the query you provide. You can also create tags for your cloud assets. For more information, refer to the following:

Tag your Amazon EC2 instances | Tag your Microsoft Azure instances | Tag your Google Cloud Platform instances

- Vuln (QID) Exists: Applies the tag to assets with the vulnerability (QID).

- Groovy Scriptlet: Applies the tag to assets based on the Groovy script.

- Asset Search: Applies the tag to assets based on QID results.

- Test Rule Applicability on Selected Assets

(optional) Select assets in your account to test the rule and click Apply. The result is shown in the "Test Rule Applicability on Selected Assets" section of the 'Create New Tag' page.

Pass: A green color 'Pass' tells you the asset matches the rule.

Fail: A red color 'Fail' tells you the asset does not match the rule.

Note: For the Groovy Scriptlet rule, a gear icon is shown next to the Pass or Fail result. When you click the gear icon, you can see the Groovy rule test results for the assets that you selected.

4) Click Create to save the tag. When you save your dynamic tag, we apply it to all scanned hosts that match the rule you defined. You can filter the assets list to show only those that match your new tag rule.

Note: When you save your static tag, you can apply it to your asset from the Inventory tab.
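A local pre-check for the rule values and scoring described above, added here as an example; it is not Qualys code and calls no Qualys API. The tag names, asset records, case-sensitive matching and the comma-separated range list are assumptions.

```python
import ipaddress

DEFAULT_CRITICALITY = 2  # page: score applied when none is selected

def name_contains(asset_name, rule):
    """Asset Name Contains: substrings separated by '|', no spaces around it."""
    parts = rule.split("|")
    if " |" in rule or "| " in rule or "" in parts:
        raise ValueError(f"malformed substring list: {rule!r}")
    return any(p in asset_name for p in parts)  # case-sensitive: assumption

def ip_in_ranges(ip, rule):
    """IP Address In Range(s): 'start-end' or CIDR; comma-separated list assumed."""
    addr = ipaddress.ip_address(ip)
    for item in (i.strip() for i in rule.split(",")):
        if "-" in item:
            lo, hi = (ipaddress.ip_address(x.strip()) for x in item.split("-", 1))
            if lo > hi:
                raise ValueError(f"range start is above range end: {item!r}")
            if lo <= addr <= hi:
                return True
        elif addr in ipaddress.ip_network(item):  # rejects CIDR with host bits set
            return True
    return False

def effective_criticality(scores):
    """Maximum score among the asset's scored tags, or the default if there are none."""
    return max(scores, default=DEFAULT_CRITICALITY)

MATCHERS = {"name": lambda a, r: name_contains(a["name"], r),
            "ip": lambda a, r: ip_in_ranges(a["ip"], r)}

# Constructed sample data; tag and asset names are hypothetical.
TAGS = [{"name": "Prod-Web", "kind": "name", "rule": "web|www", "score": 4},
        {"name": "Lab-Net", "kind": "ip", "rule": "172.31.254.0-172.31.254.25", "score": 3},
        {"name": "Edge", "kind": "ip", "rule": "172.31.254.0/25", "score": None}]
ASSETS = [{"name": "web-frontend-01", "ip": "172.31.254.10"},
          {"name": "db-core-02", "ip": "172.31.254.100"},
          {"name": "build-agent", "ip": "10.0.0.5"}]

def preview(asset, tags=TAGS):
    """Return (matching tag names, effective criticality) for one asset."""
    matched = [t for t in tags if MATCHERS[t["kind"]](asset, t["rule"])]
    scores = [t["score"] for t in matched if t["score"] is not None]
    return [t["name"] for t in matched], effective_criticality(scores)

if __name__ == "__main__":
    for asset in ASSETS:
        print(asset["name"], *preview(asset))
```

The two sample values on this page cover different address sets: the dash range ends at 172.31.254.25, while 172.31.254.0/25 spans .0 through .127, which is why the second sample asset matches only the CIDR tag.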
