Create a Natural Language Code Policy

DryRun Security's Natural Language Code Policies (NLCP) are a way to define and enforce security policies in a codebase using natural language instead of complex scripting or specialized rule languages.

In this section we’ll demonstrate how to build and save a Natural Language Code Policy in the DryRun Security Dashboard.

Log in to the DryRun Security portal at https://app.dryrun.security.

Navigate to the Code Policies section.

You'll see a list of previously saved Code Policies.

Click Add New Code Policy.

You'll see the Code Policy Builder that can be used to evaluate and save a Natural Language Code Policy.

Enter a Name for the policy.

Choose a Repository and Pull Request to evaluate.

Enter the Natural Language Code Policy details that will be used to evaluate the Pull Request.

  • Question (required): A natural language question that identifies whether a specific change relates to the policy. For example, "Does this change bypass authentication on any API endpoints?" or "Does this change add hardcoded credentials?"
  • Background (optional): Background information or examples that may be used to refine the evaluation. For example, "This policy should analyze whether the proposed change modifies authentication logic, removes security checks, or introduces alternate paths that could be exploited to access protected resources."
  • Guidance (optional): Additional information on actions to take when the policy condition is met.

Click Run to see the results of the Code Policy evaluation.

Once the policy returns the expected results, it can be saved and used in a Repository configuration to evaluate changes to the codebase.

Click Save.

Done! The Natural Language Code Policy is saved and ready to be used in a Repository configuration.

To apply the Code Policy to one or more repositories, click Configure and follow the steps in Configure a Repository.