
How to deactivate a rule


Sometimes, and for different reasons, you need to deactivate a Kiuwan rule (see https://www.kiuwan.com/docs/display/K5/How+to+manage+Kiuwan+defects+when+I+do+not+completely+agree+with+them ).

To deactivate a rule means that Kiuwan will not execute that rule's validation.

 

The reasons can be of a different nature (you are not interested in the validations the rule performs, the rule is producing many false positives for some reason, or any other reason).

The purpose of this guide is to show you how to do it.


Let’s start with some very basic concepts.

When you execute a Kiuwan analysis, Kiuwan applies a set of rules to your source code. For example, one rule can scan for SQL injection vulnerabilities, another might search for path traversal issues, and so on.


Any application you analyze is scanned by a set of rules. The concrete set of rules being applied to your analysis is called a Model.


Kiuwan's ruleset contains more than 3000 rules, but not all of them are activated by default.

The default set of activated rules (in other words, the default model) is called CQM.

 

Saying that CQM is the default model means that any application you create is, by default, scanned applying the active rules contained within CQM.


Every application is associated with a specific model. If you don’t make any configuration, every new application will be associated with CQM, and therefore the rules to be applied will be those active in CQM.

You can, of course, create your own "custom models" and associate different models to different applications.


What model are you using?


You can either be using CQM or a custom model.

How can you find out?


If you are using the Kiuwan Local Analyzer GUI, you can see it by clicking on the Advanced button.

A window like this will be displayed:


If the Analysis model field value is Automatic, CQM is being used (the application has no model associated, so it will use the default model, CQM).

If you are using any other model, its name will be displayed.


Another way to know the model is through the Kiuwan website. Just go to Application Management, find your application and select the Model option.

A window will open with the Model associated to your application:


I'm using CQM


CQM is the default Kiuwan model, and it’s read-only. You can use it but you cannot modify it.


If you are using CQM and you want to modify it (for example, to deactivate a rule), you must follow these steps:

  1. Create your own custom model (most probably as a copy of CQM)

  2. Find the rule and deactivate it

  3. Publish your model

  4. Associate your application to your custom model and run the analysis again



1. Create your initial custom model


To create your custom model, please follow the instructions detailed at

https://www.kiuwan.com/docs/display/K5/Advanced+Model+Management#AdvancedModelManagement-CreatinganewModel


2. Find the rule and deactivate it


Go to the Rules tab of your custom model and find the rule using the filters (https://www.kiuwan.com/docs/display/K5/Rules+Management#RulesManagement-Rulessection)


Bear in mind that a rule is identified by two fields:

  • its name

    • for example, “Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')”

  • its rule code

    • for example, OPT.JAVA.SEC_JAVA.SqlInjectionRule


So you can search for the rule by its name (or description):



or by its rule code, although in this case you must first enable the rule code filter (see image)



and fill it in with the rule code



By clicking on the green circle you can deactivate or activate the rule.


3. Publish your model

 

All the changes you make to your model are saved in a "Draft" version.

Those changes will not be publicly available until you publish your model.

 

You can click on the Publish button and provide a version tag.


Once it’s published any new analysis of an application associated to this model will use this latest version.


4. Associate your application to your custom model and run the analysis again


Find your application in Application Management, click on the Model button and select the model you have just created.



Now, when you run the analysis of the application, your custom model will be used.



I’m using a custom model


If you are already using a custom model, just follow steps #2 (Find the rule and deactivate it) and #3 (Publish your model) as described above.

Then, re-run your analysis.


