Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ Cloud Security Misconfigurations uses the following rule types to validate the c
- **Linux workloads**, using CIS host benchmarks for Linux distributions including Ubuntu, Red Hat, Amazon Linux, and AlmaLinux.

Cloud Security Misconfigurations supports a subset of the Linux distributions that the Agent supports. For more information, see [Supported Platforms][6].

{{% cloud-sec-cloud-infra %}}

## Explore default compliance rules
Expand All @@ -57,24 +57,6 @@ After you customize a rule, click **Update Rule** at the bottom of the page to a

{{< img src="security/cspm/frameworks_and_benchmarks/never-trigger-misconfiguration.png" alt="Customize how your environment is scanned by selecting tags to include or exclude from a rule's scope" >}}

## Set notification targets for compliance rules

You can send real-time notifications when a new misconfiguration is detected in your environment by adding notification targets. The available notification options are:

- [Slack][14]
- [Jira][15]
- [PagerDuty][16]
- [ServiceNow][17]
- [Microsoft Teams][18]
- [Webhooks][19]
- Email

On the [Rules][13] page, select a rule to open its details page. In the **Set severity and notifications** section, configure zero or more notification targets for each rule case. You cannot edit the preset severity. See [Notifications][7] for detailed instructions on configuring notifications for compliance rules.

Alternatively, create [notification rules][21] that span across multiple compliance rules based on parameters such as severities, rule types, rule tags, signal attributes, and signal tags. This allows you to avoid having to manually edit notification preferences for individual compliance rules.

{{< img src="security/cspm/frameworks_and_benchmarks/notification-2.png" alt="The Set severity and notifications section of the rule details page" >}}

## Create custom rules

You can create custom rules to extend the rules being applied to your environment to evaluate your security posture. You can also clone the default detection rules and edit the copies (Google Cloud only). See [Custom Rules][20] for more information.
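
Review bot: The removed "Set notification targets for compliance rules" section is the only visible user of the reference links [14] through [19] and [21], and none of this file's hunks removes their definitions, so they are likely left orphaned. Drop the unused definitions in the same change, and check whether [7] and [13] are still used elsewhere on the page. Deleting the heading also retires the `#set-notification-targets-for-compliance-rules` anchor, so search the docs for inbound links to it beyond the one removed from the custom rules page. Since the deleted text was where readers learned about notification rules, consider keeping a one-line pointer to where notifications are now configured.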
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ cascade:
## Overview

To extend the rules being applied to your environment to evaluate your security posture, you can clone compliance rules and edit the copies, and you can create your own rules from scratch.
To view the list of the available resource types for your custom rules, see [Cloud Resources Schema][8].
To view the list of the available resource types for your custom rules, see [Cloud Resources Schema][6].

## Cloning rules

Expand All @@ -50,10 +50,9 @@ To create a rule from scratch:
6. Exclude benign activity by specifying queries to include or remove certain resources from misconfigurations.
7. Validate the logic of your rule by selecting resources and clicking **Test Rule**. See which resources passed and failed, along with corresponding resource tags.
8. Specify a severity (`Critical`, `High`, `Medium`, `Low`, or `Info`) for the rule.
9. Select a facet (for example, for each resource type or for each account ID), and [specify a notification target][5] to signal.
10. In **Say what's happening**, write a description for the notification, using notification options to make it useful. Read [Notifications][6] for details.
11. Specify tags to apply to the result misconfigurations. Read [Tagging misconfigurations](#tagging-misconfigurations) for more information.
12. Click **Save Rule**.
9. In **Say what's happening**, write a description and instructions for investigating and remediating the Finding.
10. Specify tags to apply to the result misconfigurations. Read [Tagging misconfigurations](#tagging-misconfigurations) for more information.
11. Click **Save Rule**.

{{< img src="security/cspm/custom_rules/custom_rules_second_half.png" alt="Custom Rules Steps" width="100%">}}

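Review bot: New step 9 refers to "the Finding" (capitalized), while steps 6 and 10 and the rest of the page say "misconfigurations"; pick one term, for example "investigating and remediating the misconfiguration". With the old steps 9 and 10 removed, the procedure no longer tells the reader how a custom rule leads to a notification, so consider adding one sentence that points to where notifications are now configured. Also confirm that `custom_rules_second_half.png`, shown right after the list, does not still depict the removed notification step.
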
Expand All @@ -66,7 +65,7 @@ You can assign almost any key-value as a tag. The following table shows tags tha
| Key | Valid values | Description |
|------------------|--------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|
| `scored` | `true`, `false` | Indicates whether to include the rule when calculating organization's overall posture score. Automatically added to cloned rules. |
| `security` | `compliance` | Categorizes misconfigurations on the [Security Signals page][7]. Can't be removed. |
| `security` | `compliance` | Categorizes misconfigurations on the [Security Signals page][5]. Can't be removed. |
| `requirement` | String | Not allowed for custom rules. Indicates a requirement related to a compliance framework. Don't add this to rules not part of a compliance framework. |
| `cloud_provider` | `aws`, `gcp`, `azure` | Cannot be removed. Is set automatically based on resource type. |
| `control` | String | Not allowed for custom rules. Indicates a control related to a compliance framework. Don't add this to rules not part of a compliance framework. |
Expand All @@ -81,7 +80,5 @@ You can assign almost any key-value as a tag. The following table shows tags tha
[2]: https://app.datadoghq.com/security/compliance
[3]: https://www.openpolicyagent.org/docs/latest/
[4]: /security/cloud_security_management/guide/writing_rego_rules/
[5]: /security/cloud_security_management/misconfigurations/compliance_rules#set-notification-targets-for-compliance-rules
[6]: /security/notifications/
[7]: https://app.datadoghq.com/security/
[8]: /infrastructure/resource_catalog/schema/
[5]: https://app.datadoghq.com/security/
[6]: /infrastructure/resource_catalog/schema/
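
Review bot: Reusing the numbers [5] and [6] for different targets is fragile. Any reference outside the visible hunks that still uses `[5]` (previously the notification-targets anchor) or `[6]` (previously `/security/notifications/`) will now resolve silently to the Security Signals URL or the schema page, and any leftover `[7]` or `[8]` becomes undefined. The two visible call sites, the Overview sentence and the `security` tag row, are updated consistently. Search the rest of the file for `][5]` through `][8]` before merging, or keep the old numbers and delete only the two unused definitions so that no renumbering is needed.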