Custom profiles
A custom profile is a benchmark profile that you customize to fit your organization's internally defined standards. You can base a custom profile on an existing benchmark and profile combination, and then specify which rules to apply.
For example, assume that your Center for Internet Security (CIS) Benchmark includes a rule that prohibits users from reusing any of the last 24 passwords that they specified. However, your organization enforces a stricter password policy. In this case, you could create a custom profile that enforces all other benchmark rules but excludes the CIS password rule. In this way, you would achieve more realistic compliance scores.
Custom profiles are typically created for long-term use. During an audit, you can note that a custom profile is applied to meet your organization's requirements.
The Comply API allows you to retrieve lists of profiles and information about specific profiles using the Profiles endpoints.
Create a custom profile
Create a custom profile based on an existing benchmark.
Delete a custom profile
When a custom profile is no longer necessary, you can delete the profile.
- In the Custom profiles table, select one or more profiles to delete.
- In the Actions drop-down menu, select Delete selected.
- When you are prompted to confirm the choice, click Delete.
Previously run scan reports will continue to show results that reflect the custom profile. However, the custom profile appears in red and will be flagged with a warning triangle. The hover help will indicate that the custom profile no longer exists.
Export a custom profile
You can export a list of all, many, or one of your custom profiles along with their details.
- In the Custom profiles table, select one or more custom profiles to export.
- Select Actions, then Export raw data.
- Write a name and description for the export.
- Click Submit.
- You can view your exported custom profiles in the Exported data tab.