Custom Pattern Searching

Custom pattern searches are useful when you want to look for patterns specific to your own company, such as web domains. The added custom patterns are valid for scans on account level. After a new custom pattern search is added, all new application scans will use that pattern. In case you want to stop using a custom pattern search, you can easily disable it without deleting it.

Here's how to add a custom pattern search:

  1. From the Home page, select Custom pattern search (under the Shortcuts section).
  2. On the Custom pattern search page, select Add new.

  3. Complete the form:

    The following information is required for each custom pattern search:

    • Name: Choose a short descriptive name for this particular custom pattern search. The name should describe what this search does.
    • Regular expression pattern: What do you want to match? The supported regex syntax is specified here: https://docs.python.org/3/library/re.html.

    Regex examples:

    Matching an email:

     \b[A-Za-z0-9._%+-]+?@[A-Za-z0-9-.]+\.[A-Za-z]{2,}?\b

    Matching a URL:

     /^(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w \.-]*)*\/?$/

    Matching without case sensitivity. Use the ? wildcard. For example, to match both 'linux' and 'LINUX' (or other case insensitive variations), use:

     (?i)linux
    • Filetype selectors: Directs the custom pattern search to specified types. You can use .exe, .zip, and .rar syntax for multiple filetypes. You can also use wildcards, such as (*) and (?). You can search for a generic filename without including any extension, such as README.

    Examples:

    • To match all .RAR files, .R01, .R02, etc., use the wildcard .R*
    • To search for a pattern in all files, use only * in the Filetype selectors field.
  4. Select Add.

If your search would return too many results or take too long, you might get an error message instead. If this happens, simplify your search to make it faster. (If your search pattern is too general, try something that will return fewer results.)

Custom pattern search supports both ASCII and unicode characters. There is a minimum length of five characters for custom pattern search. Scanning unicode characters may slow down the scans. Custom pattern unicode search can be enabled for an individual pattern. It is disabled by default.