Systems, methods, and computer-readable media for configuring and verifying compliance requirements in a network. An example method can include receiving, via a user interface, endpoint group (EPG) inclusion rules defining which EPGs on a network should be included in specific EPG selectors; selecting EPGs that satisfy the EPG inclusion rules for inclusion in the specific EPG selectors; creating the specific EPG selectors based on the selected EPGs; creating a traffic selector including parameters identifying traffic corresponding to the traffic selector; creating a compliance requirement based on a first and second EPG selector from the specific EPG selectors, the traffic selector, and a communication operator defining a communication condition for traffic associated with the first and second EPG selectors and the traffic selector; determining whether policies on the network comply with the compliance requirement; and generating compliance events indicating whether the policies comply with the compliance requirement.