Adding a New Rule

New rules can be created and added to a policy.

From the Policy Management – Policy Details page, click Add Rule. The New Rule window is displayed:

Enter the rule name and select the applicable scan type from the dropdown list.

Select a rule type from the dropdown list.

For open source scans, the following rule types are available:

  • License – Pertaining to an open source (OS) license
  • Vulnerability – Pertaining to an open source library vulnerability
  • Library – Pertaining to an open source library

See Building Conditions below for details and examples of working with condition types, operators and values – as well as multiple sets of conditions per rule.

Under Conditions, select a condition type from the dropdown list. Only the options relevant to the selected rule type appear.

Depending on the condition type, the applicable operator is either populated dynamically (automatically) or is selectable.

Click Add Condition to add further sets of conditions to a rule, as needed.

When finished, click Save. The Policy Management – Policy Details page is displayed with the newly added rule listed.

From the Policy Management – Policy Details page, click Save to save the newly added rule to the policy.

Building Conditions 

Condition Types, Operators and Values

Rules support multiple condition types, as well as a variety of operator types – which may be dynamic (automatically populated), or selectable, depending on the associated condition type. Values are alphanumeric, and are either selectable/scrollable, or entered (regular expression / free text).

Example of rule-specific conditions

In this example, the selected rule type (Library Age) dynamically provides a list of five rule-specific conditions to select from. Here, both the operator (greater and equal) and the value (expressed in days) are selectable:

Example of condition with a dynamic operator

In this example, the condition type selected (Detected Vulnerability Severity) dynamically yields a single operator (is). The value (high) is selectable:

Example of condition with selectable operators

In this example, the condition type selected (Vulnerability Age) provides multiple operators to select from. The value (as expressed in days) is selectable:

Example of condition with blacklist / whitelist

When the rule type is License and the condition type is License Name, there are two operators to select from:

  • In List – A violation occurs if the selected license is “in list” (in the blacklist)
  • Not in list – A violation occurs if the selected license is “not in list” (not in the whitelist)

In this example, the In List operator adds the selected values (the licenses) to the blacklist. Values are selected by searching, scrolling, or typing them in:

Examples of conditions with entered value (regular expression / free text)

In this example, the condition type selected (Library Name) provides a single operator (Contains), and the value is entered manually (regular expression / free text):

In this example, a new value (a license not in the existing list) is entered by typing it in, and then clicking the box it appears in:

Multiple Conditions

Rules can consist of multiple (unlimited) sets of conditions, which are connected with the logical operator And.

Example of rule with multiple sets of conditions

In this example, a rule of type Vulnerability contains two sets of connected conditions.

Note that within the first condition there are two possible values (high or medium):
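
The condition semantics described under Building Conditions, modelled as an added Python example (it is not the product's code or API): condition sets are joined with And, several values in one condition are treated as alternatives, and In List / Not in list act as blacklist and whitelist. The dictionary keys, operator names, the second Vulnerability condition, the 30-day threshold, the license lists and the findings are all constructed assumptions.

```python
import re

# Operators named on the page, modelled as predicates over (actual, values).
# Assumption: several values inside one condition are alternatives.
OPERATORS = {
    "is": lambda actual, values: actual in values,
    "greater or equal": lambda actual, values: actual >= values[0],
    "contains": lambda actual, values: any(re.search(v, actual) for v in values),
    "in list": lambda actual, values: actual in values,          # blacklist hit
    "not in list": lambda actual, values: actual not in values,  # outside whitelist
}

def condition_matches(condition, finding):
    """Evaluate one (condition type, operator, values) set against a finding."""
    ctype, operator, values = condition
    return OPERATORS[operator](finding[ctype], values)

def rule_violated(conditions, finding):
    """All condition sets of a rule are connected with And."""
    return all(condition_matches(c, finding) for c in conditions)

def violations(conditions, findings):
    """Names of the libraries whose finding violates the rule."""
    return [f["Library Name"] for f in findings if rule_violated(conditions, f)]

# Constructed rules mirroring the page's examples (threshold and lists are made up).
VULN_RULE = [
    ("Detected Vulnerability Severity", "is", ["high", "medium"]),
    ("Vulnerability Age", "greater or equal", [30]),   # days
]
LICENSE_BLACKLIST = [("License Name", "in list", ["GPL-3.0", "AGPL-3.0"])]
LICENSE_WHITELIST = [("License Name", "not in list", ["MIT", "Apache-2.0"])]
NAME_RULE = [("Library Name", "contains", [r"ba[rz]$"])]

# Constructed scan findings, one per library.
FINDINGS = [
    {"Library Name": "libfoo", "License Name": "MIT",
     "Detected Vulnerability Severity": "high", "Vulnerability Age": 45},
    {"Library Name": "libbar", "License Name": "GPL-3.0",
     "Detected Vulnerability Severity": "medium", "Vulnerability Age": 10},
    {"Library Name": "libbaz", "License Name": "BSD-3-Clause",
     "Detected Vulnerability Severity": "low", "Vulnerability Age": 400},
]

if __name__ == "__main__":
    for name in ("VULN_RULE", "LICENSE_BLACKLIST", "LICENSE_WHITELIST", "NAME_RULE"):
        print(name, "->", violations(globals()[name], FINDINGS))
```

With these constructed findings, the whitelist rule flags the BSD-3-Clause library that the blacklist rule lets through, and the medium-severity finding escapes the Vulnerability rule because its age condition is not met.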