
Rules Overview

Rules are the main control mechanism for Dam Secure. Rules represent plain-language security requirements that Dam Secure evaluates against your code, such as "Encrypt PII at rest using field-level encryption."

Each rule belongs to a category (e.g. Cryptography & Key Management) and is mapped to the projects where it applies.

When a rule is violated, Dam Secure raises an Issue containing the offending code, an explanation, and a severity rating, so engineers can see exactly what failed and why.

When you create a rule, it sits at the organisation level. You then decide which projects it applies to. That means the same backend-specific SQL rule can run on your two API services without firing on your React frontend.

Example rule definition showing title, category, severity, and applied projects.