👋 New here? Take the 5-step tour — fleet to live findings in under 5 min.
Start tour

🔔 Recent activity

Loading…

Policies

Loading…

📐 How policies apply across mixed fleets

Four targeting layers (use the highest one that fits):

  1. Tagenv:prod AND compliance:pci → cross-cuts vendors and asset types. Most durable.
  2. Asset group — saved query like "DC1 crown jewels".
  3. Asset type / vendor — when the syntax matters (e.g. only Cisco IOS).
  4. Individual asset — escape hatch for one-offs.

Same intent, different vendors → automatic. One Unified Policy IR fans out via per-vendor translators (Cisco IOS, NX-OS, Arista, Palo Alto, Juniper, Aruba…) so you author once, SafeCadence emits the right CLI per device.

Asset can't comply? Add an exception with reason + expiry + compensating control instead of weakening the policy.

PolicyTargetingMatched Last evalStatus
Loading…