Skip to main content
You can import Semgrep-compatible SAST rules that you create as yaml files. The files must have yaml or yml extensions and the rules should be inside a gzip or tar archive.

Import SAST rules through the user interface

You can bulk import rules through the user interface.
  1. Select Policies & Rules > SAST RULES from the left sidebar.
  2. Click Import. Import SAST rule
  3. Click Browse and select the archive file that contains the rules.
  4. Enter the version of the rule, if required. If you do not enter a version and the rules already exist in the system, the rule upload may fail.

Import SAST rules with endorctl

You can bulk import a number of rules using the following command. endorctl rule-set import --file-path <file> --rule-version <version> -n namespace