Applying pattern rules and rule sets

Rules and rule sets are applied at the application or project level in the Properties view - or in a scan configuration. After you scan applications or projects with applied rules - or use a scan configuration that includes rules - the results of the rule search appear in the views that contain findings.

Applying rules and rule sets in a scan configuration

To enable pattern-based scanning, select the Pattern analysis check box. When you do this, the Pattern Rule Sets and Pattern Rules sections become enabled:

  • To add a rule set, click Add in the Pattern Rule Sets section. This opens the Add Pattern Rule Sets dialog box, which allows you to select one or more rule sets. When you select a rule set, the rules that it contains are displayed in the right side of the dialog box, and the project types that the rule set applies to are listed in the Project types field. Click OK to add the selected rule sets.
  • To add a rule, click Add in the Pattern Rules section. This opens the Add Pattern Rules dialog box, which allows you to select one or more rules. You can also click Create new rule to create a new rule (see Creating a pattern rule). If you create a new rule it will be added to the list and selected. After selecting or creating rules, click OK to add them to the scan configuration.
    Tip: In the Add Pattern Rules dialog box, tooltip help indicates the expressions that are used for each rule.

Applying rules and rule sets using the Properties view

Select the project or application in the Explorer view and then make the modifications listed below to the Pattern Rules and Rule Sets tab of its Properties view. After specifying the rules and rule sets to apply to the application or project, save the application or project properties. Subsequent scans of the application or project will then include the rules.

  • To add a rule set, click Add in the Rule Sets section - or right-click in the section and select Add. This opens the Choose Rule Set dialog box, which allows you to select a rule set to add.
  • To remove a rule set so that it is not used during scans of the application or project, select it and click Remove or right-click the rule set and select Remove.
  • To add a rule, click Add in the Rules section - or right-click in the section and select Add. This opens the Choose Rule dialog box, which allows you to select a rule to add. In this dialog box, you can also click New Rule to create a new rule (see Creating a pattern rule). If you create a new rule it will be added to the list and selected. After selecting or creating a rule, click OK to add it.
  • To remove a rule so that it is not used during scans of the application or project, select it and click Remove or right-click the rule and select Remove. You can also multiselect multiple rules and remove them using these actions.