Skip to main content

Prerequisites

General steps

1
Create a custom Semgrep rule.
2
Verify and test that the rule matches the code you want to detect.
3
Optional: Set the custom Semgrep rule as a secure default.
4
Deploy the rule as a guardrail in the following developer interfaces: IDE, PR or MR comments, or pre-commit.
The following table lists the relevant documentation for each step:

Secure default snippet

When creating a custom secure default, you must use category: security and subcategory: secure default values in your rule: