# Policies
Policies are the main way for users to configure their Spyderbat environment. Policies provide users with a way to generate tailored alerts, and tune out noise. Currently, policies fall under 1 of 2 categories, guardian and suppression.
* Guardian Policies are designed to establish expected behavior of the resources within their scope be it Linux Services, Containers, or Kubernetes Clusters.
* Suppression Policies are a way of tuning out the noise of Spyderbat's built-in detections. While Spydertraces aim at reducing the number of alerts a user should investigate, varying factors can lead to situations where suppression policies are necessary.
| Policy Type | Category | Supported Selectors | Supported Response Actions | Supports Rulesets |
| ------------- | ----------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------- | ----------------- |
| linux-service | Guardian Workload | Cluster
Machine
Service
| makeRedFlag
makeOpsFlag
agentKillProcess
agentKillProcessGroup
| No |
| container | Guardian Workload | Cluster
Machine
Namespace
Pod
Container
| makeRedFlag
makeOpsFlag
agentKillProcess
agentKillProcessGroup
agentKillPod
| No |
| cluster | Guardian Ruleset | Cluster | makeRedFlag
makeOpsFlag
agentKillPod
| Yes |
| trace | Suppression | Cluster
Machine
Trace
User
| N/A | No |
## Related Pages
* [Response Actions](https://docs.spyderbat.com/reference/policies/response-actions) - Actions that can be taken by Guardian Policies.
* [Selectors](https://docs.spyderbat.com/reference/selectors) - Reference documentation on the various selector types.
* [Rulesets](https://docs.spyderbat.com/reference/rulesets) - Rulesets supported by some policies.