Create Operational Risk Policy

JFrog Security Documentation

ft:sourceType
Paligo

An Operational Risk Policy type includes rules that are based on the risk criteria determined by Xray. To create a Policy, do the following:

  1. In the Administration module, select Watches & Policies and from the Policies tab click New Policy.

  2. Select Policy type as Operational Risk, and click New Rule.

    image2022-3-28_17-40-1.png
  3. Select the rule criteria. You can do one of the following:

    1. According to minimal risk level; low, medium or high.

    2. According to specific values of the sub-criteria under Custom Conditions. The Custom Conditions are based on the available Xray Operational Risk data. The relationship between the conditions is Or/And.

      image2022-3-28_17-40-54.png
      image2022-3-28_17-41-35.png

For more information on creating Policies, see Creating Xray Policies and Rules. After creating the Policy, you can proceed to attach it to a Watch, as described in Configuring Xray Watches.