Sometimes false positives do come across, and we have incidents where people who are actually trying to access are getting blocked out, which is how I think Cyber Security Cloud Managed Rules can be improved. It is getting better, but sometimes these cases do happen. I would imagine the opposite is also true where there are certain cases where attackers are able to sneak through. For example, we have been using AI workloads and in that, certain times we have had issues where prompt injection can cause problems. We would to incorporate this in all the workflows where we are using AI as well, so possibly more stringent rules around that would be beneficial.Cyber Security Cloud Managed Rules does the job, and if you have it configured in the correct way as per your requirements, such as IP sets or SQL injection, you are able to get a basic cover, but the workloads are evolving, and I would like to see more flexibility around those rules so that I can make better use of them. Because use cases are increasing, I would to play around with the rules a bit more so that I can say with certainty that my workloads are secure and ingress traffic is secure. That would help me, so I would give a better rating if that can happen. Cyber Security Cloud Managed Rules are generally stable in my experience, but if a new attack vector rises or if something new comes up, they are not very adaptable, which is my feeling and experience. I would say they are stable, but not very versatile.
