Semgrep Custom Rules Level 1

Learn to write custom Semgrep static analysis rules in this introductory course! Custom rules can be used to enforce secure guardrails, coding standards, or find bugs across your codebase.

Enroll for free

Video

Course curriculum

1. Introduction
2. How to Get Started
3. Course Agenda
4. Why Write Custom Rules?
5. Use Cases
1. Meta Variables
2. Ellipses
3. Testing Rules
4. Additional Guidance
1. Scenario 1A: Bug Bounty Report
2. Scenario 1B: Bug Bounty Report
3. Scenario 1 Example
4. Scenario 2A: Tainted User Data Flowing to Vulnerable Package
5. A Hint to Help us Move Forward
6. Scenario 2B: Tainted User Data Flowing to Vulnerable Package
7. Scenario 3: Incorporating Developer Feedback & Best Practices
8. Scenario 4: API Endpoint Authentication
9. Additional Assignment
10. Rule-writing resources
1. Course Survey
2. Thank you for attending Semgrep Academy!

About this course

Free
21 lessons
1 hour of video content

Discover your potential, starting today

Enroll today

Semgrep Custom Rules Level 1

Video

Course curriculum

Introduction

Getting Started

Writing Custom Rules

Conclusion

About this course

Discover your potential, starting today