ScanSuite
  • Introduction
  • Architecture
  • Installation
    • Technical Requirements
    • Install ScanSuite server
    • Set up DefectDojo
    • Troubleshooting
    • SSL/TLS Setup
  • Administration
    • Setup parameters and services
    • Configuring API keys for external systems
    • User administration
    • Security logs
  • Usage
    • Products
    • Performing a static code analysis
      • Git repository authentication
      • Scheduling Periodic and Incremental Scans
      • (Optional) Compiling the code
      • Executing the OpenAI scan
    • Managing scan execution
    • Working with scan results
      • Checking for exploitable vulnerabilities
      • Export to Securitm
      • (Optional) Parsing CSV exports
    • Performing dynamic web scanning
      • Authenticated scans
      • API scans
    • Running infrastructure tests
    • Scheduling the scan
    • Creating own scanning rules
  • Versions History
    • v 1.0
    • v 1.1
    • v 1.2
Powered by GitBook
On this page
  1. Usage

Creating own scanning rules

PreviousScheduling the scanNextVersions History

Last updated 1 year ago

ScanSuite supports own set of scanning rules for both static (Semgrep) and dynamic (Nuclei) analysis.

To create a new rule, select the rule type (Nuclei or Semgrep), paste the rule text, and click upload:

To view or change the rule select it via the drop-down menu:

It is possible to generate the Nuclei rule from the vulnerability PoC description using OpenAI connector. Refer to the Admin Manual to obtain and set up the OpenAI API key.

Paste the description including parts of the HTTP request and response used for the vulnerability detection and clock Gen with AI:

The rule will be generated and pasted to the same field. Review it, amend if necessary and click Upload:

Semgrep rules could be managed the same way, but the AI rule generation is not yet supported.

To run the scan, choose the respective scanner with My Rules tag: