Introducing the runtime rule library

Introducing the Runtime Rule Library: Prebuilt Detection Rules You Can Trust

Building effective detections shouldn't mean starting from scratch. That’s why we’re launching the Runtime Rule Library — a growing collection of prewritten, production-ready security rules designed to help you detect real threats, faster.

Instead of spending time writing and testing custom logic, detection and response teams can now tap into a curated set of rules tailored for modern cloud applications. These aren't your standard WAF rules — they're full-featured, deeply customizable, and built to align with your business logic. Even better, the rule library has rules of different types - including rule recipes (rule builder based) or rule scripts (code based)!

Why it matters:

• Save time: Use rules that are ready out of the box, so you can focus on what matters — investigating and responding to threats.
• Go beyond regex: Our rules are easier to maintain, more expressive, and designed to adapt to real-world application behavior.
• Customize with confidence: Every rule in the library can be modified to reflect your unique environment and risk model.

Whether you're just getting started or looking to expand your detection coverage, the Runtime Rule Library gives you a head start — without compromise.

‍

‍

‍