Add Custom SAST Rules

Use Custom SAST Rules to tailor vulnerability detection to your specific development environment.

Written by Maarten De Schuymer
Updated over a week ago

Introduction

Custom rules let you make Aikido scan for risks that are specific to your own codebase and environment: an internal helper that must not be called from request handlers, a deprecated crypto wrapper, a framework pattern your team has banned. Because they encode knowledge of your code that a generic rule set cannot have, they catch issues that the broader SAST rules would overlook.

Step-by-Step Guide

Step 1: Go to the Checks page of the repository.

Step 2: Click "Create Custom Rule" in the SAST section.


Step 3: Enter the following details for your rule:

  • Semgrep rule: The rule body itself, written in Semgrep's YAML rule syntax; this is the pattern Aikido will search the code for. Tip: test the rule against sample code in the Semgrep Playground (https://semgrep.dev/playground) before saving, so you see both the true positives it catches and the false positives it produces.

  • Title: Name your rule for easy identification.

  • TL;DR: Provide a concise description of the issue. This will show up in the sidebar.

  • How to fix it: Let your team know the best way to fix this issue.

  • Language: Specify the programming language.

  • Aikido Score: The severity assigned to findings from this rule, which determines how they are prioritized in the main Feed.

Step 4: Once you are satisfied with the rule's configuration, click "Save" to add it to your Aikido SAST checks. The custom rule is now active and is applied automatically in future scans.
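As an added example of the kind of rule you would paste into the "Semgrep rule" field (this is not code from the article or from Aikido; the rule id, the chosen sources and sinks, and the message text are assumptions for illustration), the following taint-mode Semgrep rule flags Flask request parameters that flow into a shell command without passing through shlex.quote(). It goes beyond a single-pattern match: taint mode follows the value through assignments and string concatenation inside the handler, so it also catches the common "cmd = 'ping ' + host" shape.

```yaml
# Added example, not from the article or from Aikido.
# Taint-mode Semgrep rule: flag Flask request data reaching a shell command.
# The rule id, source/sink choices and message are illustrative assumptions.
rules:
  - id: flask-request-param-to-shell-command
    mode: taint
    languages: [python]
    severity: ERROR
    message: >-
      User-controlled data from a Flask request reaches a shell command,
      which allows OS command injection (CWE-78). Pass the command as an
      argument list without shell=True, or escape the value with shlex.quote().
    metadata:
      category: security
      cwe: "CWE-78: Improper Neutralization of Special Elements used in an OS Command"
    # Sources: the usual places request data enters a Flask handler.
    # Semgrep resolves "from flask import request" to flask.request for you.
    pattern-sources:
      - pattern: flask.request.args.get(...)
      - pattern: flask.request.args[...]
      - pattern: flask.request.form.get(...)
      - pattern: flask.request.form[...]
      - pattern: flask.request.get_json(...)
    # Sanitizer: shlex.quote() makes one argument safe for a POSIX shell,
    # so a value that passes through it is no longer considered tainted.
    pattern-sanitizers:
      - pattern: shlex.quote(...)
    # Sinks: only the command argument matters, hence focus-metavariable.
    # subprocess.* without shell=True is deliberately not a sink, because an
    # argument list is not parsed by a shell.
    pattern-sinks:
      - patterns:
          - pattern: subprocess.$FUNC($CMD, ..., shell=True, ...)
          - focus-metavariable: $CMD
      - patterns:
          - pattern: os.system($CMD)
          - focus-metavariable: $CMD
```

In the Playground, a handler containing `subprocess.run("ping " + request.args.get("host"), shell=True)` is reported, while `subprocess.run(["ping", request.args.get("host")])` and `os.system("ping " + shlex.quote(host))` are not. Locally, `semgrep --config rule.yml app.py` runs the same rule, and annotating sample lines with `# ruleid: flask-request-param-to-shell-command` and `# ok: flask-request-param-to-shell-command` in a file next to the rule lets `semgrep --test` verify both the expected hits and the expected non-hits before you save the rule in Aikido. Note that taint tracking in the open-source Semgrep engine stays within one function; a value passed through a helper in another function is not followed, so keep sources and sinks in the same handler when you evaluate the rule's coverage.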
