Rule Security Analyzer tool
The Rule Security Analyzer tool identifies potential security risks in your applications that may introduce vulnerabilities to attacks such as cross-site scripting (XSS) or SQL injection.
Such vulnerabilities can typically arise only in non-autogenerated rules such as stream rules (HTML, JSP, XML, or CSS) and custom Java or SQL statements.
The Rule Security Analyzer scans non-autogenerated rules, comparing each line against a Regular Expression rule to find matches. The tool examines text, HTML, JavaScript, and Java code in function rules and in the Java method steps of individual activities, and other content depending on the rule type.
The Rule Security Analyzer searches for vulnerabilities in code by looking for matches to regular expressions (regex) defined in Rule Analyzer Regular Expression rules. Several Rule Analyzer Regular Expression rules are provided as examples for finding common vulnerabilities. You may also create your own Rule Analyzer Regular Expression rules to search for other patterns.
The most thorough search for vulnerabilities is to rerun the Rule Security Analyzer several times, each time matching against a different Regular Expression rule.
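The scanning approach described above is simple enough to illustrate with a short script. The following Python example is added here for explanation and is not part of the tool or its shipped Regular Expression rules: the three patterns, the rule sources they are run against, and the rule names are all constructed for this illustration. It mirrors the described behaviour (one pass per regex rule, comparing each source line against the pattern) and records the rule, line number, and matching text for each finding so that the result can be reviewed before the ruleset is locked.

```python
import re
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class RegexRule:
    """One analyzer pattern: a name, the compiled regex, and what a match means."""
    name: str
    pattern: re.Pattern
    description: str


# Constructed example patterns (hypothetical; not the tool's own rules).
RULES = [
    RegexRule(
        "sql-concat",
        re.compile(r'"\s*(SELECT|INSERT|UPDATE|DELETE)\b[^"]*"\s*\+', re.IGNORECASE),
        "SQL text built by string concatenation; prefer a parameterised statement",
    ),
    RegexRule(
        "jsp-unescaped-param",
        re.compile(r"<%=\s*request\.getParameter\("),
        "request parameter written into JSP output without output encoding",
    ),
    RegexRule(
        "js-inner-html",
        re.compile(r"\.innerHTML\s*="),
        "innerHTML assignment can place unencoded data into the DOM",
    ),
]

# Constructed rule sources standing in for non-autogenerated rules
# (a Java method step, a JSP stream rule, a JavaScript stream rule, and a safe step).
SAMPLE_RULES = {
    "GetCustomer (Java step)": (
        'String sql = "SELECT * FROM customer WHERE id = " + id;\n'
        "stmt.execute(sql);"
    ),
    "ShowName (JSP stream)": '<p>Hello <%= request.getParameter("name") %></p>',
    "RenderResult (JS stream)": 'document.getElementById("out").innerHTML = data;',
    "Safe (Java step)": (
        'PreparedStatement ps = con.prepareStatement("SELECT * FROM customer WHERE id = ?");\n'
        "ps.setString(1, id);"
    ),
}


def scan_rule(rule_name, source_text, regex_rule):
    """Compare every line of one rule's source against one regex rule.

    Returns (rule_name, line_number, regex_rule_name, matching_line) tuples.
    """
    findings = []
    for lineno, line in enumerate(source_text.splitlines(), start=1):
        if regex_rule.pattern.search(line):
            findings.append((rule_name, lineno, regex_rule.name, line.strip()))
    return findings


def scan_all(rules_source, regex_rules):
    """Run one full pass over all rules per regex rule, as the text recommends."""
    findings = []
    for regex_rule in regex_rules:
        for rule_name, text in rules_source.items():
            findings.extend(scan_rule(rule_name, text, regex_rule))
    return findings


def summarize(findings):
    """Count findings per regex rule, useful for deciding what to fix first."""
    return dict(Counter(regex_name for _, _, regex_name, _ in findings))


if __name__ == "__main__":
    results = scan_all(SAMPLE_RULES, RULES)
    for rule_name, lineno, regex_name, text in results:
        print(f"{rule_name}:{lineno} [{regex_name}] {text}")
    print(summarize(results))
```

The parameterised "Safe" step produces no finding because its SQL literal is not followed by a concatenation operator, which is the distinction the constructed `sql-concat` pattern is built around. In practice a regex pass of this kind surfaces candidates for review rather than confirmed vulnerabilities, so each match still needs to be read in context.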
Running the Rule Security Analyzer before locking a ruleset is recommended as it allows you to identify and correct issues in rules before they are locked. The Rule Security Analyzer takes a couple of minutes to run through the different regular expressions.
For more information on the Rule Security Analyzer, review the following help documents: Rule Security Analyzer, Searching for security vulnerabilities in rules, and Regular Expression rules.