Scan an application using a custom rule package

2020/11/12 |

Lucent Sky AVM has a built-in rule package that will dictate how vulnerabilities are identified and remediated. To alter these behaviors, such as enabling the recognition and utilization of an enterprise security library, a custom rule package must be used. This article describes how to use a custom rule package to scan an application. To learn about creating the content of a custom rule package, contact Lucent Sky support.

In this article, you will learn how to:

  • Create the archive file of a rule package.
  • Create a rule package using the Web UI.
  • Edit a rule package using the Web UI.
  • Delete a rule package using the Web UI.
  • Choose a rule package for a new application.
  • Change the rule package for an existing application.

At the end, you will be able to create, edit, and delete a rule package using the Web UI, and choose a rule package for an application.

Create the archive file of a rule package

The root directory of a rule package should contain one or more of these directories: BinaryRules, Configurations, Mitigations, SourceCodeRules, and Suppressions. To learn more about creating the content of a custom rule package, contact Lucent Sky support.

  1. In File Explorer, navigate to the root directory of the custom rule package you want to upload.
  2. Select all directory of the rule package.
  3. Right-click the selected directory, choose Send to > Compressed (zipped) folder. Or use your preferred archive program (such as 7-Zip) to create an archive in zip format.

Create a rule package using the Web UI

  1. Open the Web UI using a browser and sign in with your credentials.
  2. Select Settings in the upper-right corner, then select Rule packages on the left.
  3. Select Create and upload a new rule package, enter the name of the rule package and choose its framework. Finally, upload the rule package archive file you created previously, then select Create rule package.

Edit a rule package using the Web UI

  1. Open the Web UI using a browser and sign in with your credentials.
  2. Select Settings in the upper-right corner, then select Rule package on the left.

  3. On the rule package you want to edit, select Edit.

    • To change the content of the rule package, select Edit with new file under Edit type, then choose the new rule package archive and (optionally) enter the new name of the rule package.
    • To only rename the rule package, select Edit without new file under Edit type, then enter the new name of the rule package. Finally, select Save.

Delete a rule package using the Web UI

  1. Open the Web UI using a browser and sign in with your credentials.
  2. Select Settings in the upper-right corner, then select Rule package on the left.
  3. On the rule package you want to edit, select Delete.
  4. To delete the rule package, enter yes in the confirmation textbox, then select Delete. Once a rule package has been deleted, all applications using that rule package will use the system's default runtime instead.

Choose a rule package for a new application

  1. Open the Web UI using a browser and sign in with your credentials.
  2. Select New application, enter the name of application and choose its framework, then select More options.
  3. In the expanded options, choose the appropriate rule package in the Rule package drop-down list, then select Create to create the application.

Change the rule package for an existing application

  1. Open the Web UI using a browser and sign in with your credentials.
  2. On the application you want to modify, select Edit, then select More options.
  3. In the expanded options, choose the appropriate rule package in the Rule package drop-down list, then select Save to create the application. Note that this modification only affect future scans of this application and does not impact previous scans.