Configuring risk rules for Application security

Information about configuring risk rules for Application security in the MaaS360 Portal.

When the Risk Based Application Patching service is enabled in the MaaS360 Portal, the Application security risk rule is displayed in the Risk Rule Configurator, which is enabled by default and checks the application security posture of a device. When app vulnerabilities are detected, MaaS360 creates a risk incident and then validates it against the risk rule to calculate the severity and risk score for devices and users. You can disable the risk rule or adjust the severity as required.

Follow these steps to configure risk rules:
  1. From the MaaS360 Portal Home page, navigate to Security > Security Management > Risk Rule Configurator.
  2. Configure the following settings:

    Risk rules

    Application security: This rule checks the application security posture of a device, which is determined based on the threats and exposures detected in the installed apps.

    Condition: Define the severity of the risk based on the security posture of a device. For example, if the application security posture of a device is dangerous, the severity is High.

    Default conditions
    If the application security posture of a device is ... Severity is ...
    Likely unsafe Low
    Unsafe Medium
    Dangerous High