Compliance Rules

netbobr evaluates flows against 7 rule sets: built-in structural rules that are always active, plus 6 compliance frameworks that can be toggled independently in the Rules tab - enable only the standards relevant to your environment, or run all of them at once for maximum coverage.

The built-in rules detect structural issues like overly broad addresses, dangerous port ranges, and protocol misconfigurations. The compliance frameworks span payment card security (PCI-DSS), general IT hygiene (CIS Controls), US federal standards (NIST 800-53), EU network security (NIS2), financial sector resilience (DORA), and adversary technique detection (MITRE ATT&CK). Together they provide over 150 rules covering insecure protocols, overly permissive access, network segmentation violations, remote access exposure, and more.

This section documents every rule in each framework, plus the built-in structural rules and the port/service risk database that powers service detection.