# View Policy of all your Web Applications/APIs

A summary of all CloudGuard WAF practices is available under **Policy->Policy** in the form of rules view.

![](https://2760087783-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEWA4nfgNrSRL8dA6Kap7%2Fuploads%2FCYPIYXzGAMfeDwWnvgeH%2Fappsec-threat-prevention-rules-view.PNG?alt=media\&token=dcc0bf98-bf47-4769-9a80-3b15550be409)

### Rules table

#### Asset/Zone

The asset or zone (dynamic group of assets) the security practice protects

#### Practices

The CloudGuard WAF practice configured to protect the asset/zone.

#### Mode

The mode can be show:

* **Detect** - The practice is configured to log events without blocking traffic.
* **Prevent** - The practice is configured to block incoming traffic upon detection of a malicious attack.
* **Disabled**
* **Mixed** - The practice may be set to "Detect" or "Prevent" but a mode of at least one sub-practice (e.g. CloudGuard WAF IPS, API Schema Validation, etc.) is set to override the main mode.

#### Exceptions

Shows configured exclusions configured for the practice.

#### Triggers

Shows the Log Trigger object/s configured for the practice.

#### Enforcement

Shows the Agents Profile/s that enforce this rule.

### Tab view

When selecting a rule, the bottom tabs will show the data of the asset/zone the rule protects.

* The "Attribute" tab shows a summary of the asset/zone data.
* The other tabs are the same tabs shown when editing the asset/zone object and can be used to edit the asset and practice configuration without being required to go to either the Assets or Zones.