Track, prioritize, and recertify firewall rules through structured campaigns. Reduce audit preparation time with real-time risk scoring across Fortinet, Check Point, Palo Alto Networks, and Stormshield firewalls.
Create campaigns with different risk levels and custom criteria
The new Campaign module allows you to automatically detect, track and prioritize firewall rules according to custom conditions defined by your security policy. Build targeted campaigns that align with your organization's compliance requirements and risk tolerance.
Ruleblade provides more than 25 different risk items, allowing security teams to scope every campaign from multiple angles. Filter rules by risk level or compliance violations. All risk items are calculated in real-time by Blade Risk , our continuous firewall risk automation engine.
Track progress and manage recertification with instant visibility
Monitor campaign maturity in real-time with comprehensive metrics:
Organize campaigns by firewall perimeters for granular tracking. Allow specific teams to work on their own dedicated firewalls . Built-in field remediation and bulk review capabilities accelerate the recertification process.
Automated remediation detection and centralized review process
Streamline the rule recertification process with automated workflows and bulk capabilities. Transform quarterly compliance reviews from days of manual work into hours of focused decision-making.
Manage all firewall rule reviews from a unified dashboard regardless of vendor (Fortinet, Check Point, Palo Alto, Stormshield). No more switching between multiple management interfaces or reconciling disparate reports.
Ruleblade continuously verifies whether firewall rules have effectively reduced risk for active campaigns. Risk-item scoped campaigns automatically confirm that the targeted risk item is no longer present. Risk-level scoped campaigns validate rules when they meet a lower risk threshold.
Track which rules have been corrected and automatically mark them as compliant when risk items are resolved
Unified campaign management across all major firewall platforms
Comprehensive FortiGate firewall rule recertification with native API integration
Security Gateway and management server campaign orchestration
Support for Panorama and individual PAN-OS firewalls
Stormshield Network Security policy lifecycle management
Create campaigns with risk levels and custom criteria
Leverage 25+ built-in Ruleblade risk items
Track progress with real-time KPIs and metrics
Manage reviews per firewall perimeter
Automated remediation and risk validation
Bulk review capabilities for efficiency
Simplified rule recertification process
Continuous compliance verification
Meet regulatory requirements with automated firewall rule reviews
Requirement 1.2.1: Quarterly firewall rule reviews with complete audit trail and documentation
Article 32: Technical measures ensuring appropriate firewall security through regular policy reviews
A.13.1.1: Network access control policies with documented review and recertification process
French cybersecurity agency guidelines for network security policy lifecycle management
Firewall rule recertification is the periodic review process where policy owners verify that existing firewall rules are still necessary, properly configured, and compliant with security policies. It's required by PCI-DSS (quarterly reviews), ISO 27001, and GDPR. Without regular recertification, firewall rule bases become bloated with outdated, unnecessary, or overly permissive rules, creating security gaps and compliance violations. Automated recertification campaigns reduce manual effort while maintaining continuous audit readiness.
Continuous monitoring tracks firewall changes in real-time. Campaign-based reviews are structured, time-bound initiatives where specific rule sets are systematically recertified by firewall perimeter, age, risk score, or vendor. Blade Campaign combines both approaches: continuous risk scoring alerts you to issues immediately, while scheduled campaigns ensure comprehensive quarterly or annual reviews required for compliance frameworks like PCI-DSS and ISO 27001.
Blade Campaign provides unified orchestration for Fortinet FortiGate, Check Point Security Gateway, Palo Alto Networks (including Panorama), and Stormshield firewalls. All vendors are managed from a single platform with normalized rule views, cross-vendor compliance reporting, and consistent workflow automation - eliminating the need to learn multiple management interfaces.
PCI-DSS Requirement 1.2.1 mandates firewall rule reviews at least every six months. Blade Campaign automates this by: creating scheduled review campaigns for all in-scope firewalls, tracking bulk accept/reject/modify decisions with full audit trails, and showing all reviews completed with timestamps and approvers. This reduces audit preparation time from days to minutes. Automatic compliance reports are coming soon in Ruleblade.
Risk scoring is continuous - every rule receives a dynamic risk score based on 25+ security controls (overly permissive rules, protocol risks, shadow IT, unused rules, etc.). Campaign reviews are periodic governance activities where stakeholders formally recertify rules. Blade Campaign combines both: high-risk rules are automatically flagged within campaigns for priority review, while low-risk rules can be bulk-approved, focusing human effort where it matters most.
Yes. Blade Campaign allows perimeter-based customization: DMZ firewall rules may require quarterly reviews with dual approval, while internal segmentation rules could have annual reviews with single-approver.
Absolutely. Blade Campaign is API-first, enabling integration with GitOps workflows, CI/CD pipelines, and SOAR platforms. You can define compliance policies as code, trigger campaigns via API, export review results programmatically, and integrate with SIEM systems for correlation. This supports modern DevSecOps practices and automated governance at scale.
