Use out-of-the-box policies

Sophos Cloud Optix provides out-of-the-box policies. These are based on popular standards, including cloud provider best practices (for example, AWS and Azure CIS Benchmarks).

To see these policies, go to Compliance > Out of Box Policies.

You can do as follows:

  • Click a policy name to see details of the rules it includes.
  • Click Enable to apply the policy to your environments.
  • Click Customize to create a custom policy. See Customize policies.

These policies assess security and compliance based on the information obtained via the API connections set up when you added your environment.

All the policies enabled in the environment run an assessment periodically and highlight any deviation via alerts and policy reports. You can see policy reports at Compliance > Reports.