Skip to main content
Policies define the security thresholds that Turen enforces across your organization. While security rules catch specific patterns, policies set the broader criteria for what’s allowed, what needs review, and what’s blocked.

Policy Types

Package Policies

Control which packages can be installed based on security scores, vulnerabilities, and licenses.

LLM Policies

Configure how the proxy handles LLM traffic, including rule injection and telemetry.

How Policies Are Enforced

  1. Admin configures policies in the dashboard
  2. Policies are distributed to all agents during their regular policy sync (every 15 minutes by default)
  3. Agents enforce policies locally — decisions are made on the developer’s machine, not in the cloud
  4. Events are reported back to the dashboard for monitoring

Policy Versioning

Every policy change creates a new version. You can see:
  • The current policy version in Agents > Compliance
  • When each agent last synced its policy
  • Whether any agents are running an outdated version

Default Policies

Turen ships with secure defaults that work for most organizations. You only need to adjust policies if you want to:
  • Tighten thresholds for higher security environments
  • Relax thresholds for specific use cases
  • Add organization-specific criteria