From 971d6d0d8700ed794624dce1e20f45367fbda0eb Mon Sep 17 00:00:00 2001
From: Benjamin Chouraqui <benjamin.chouraqui@datadoghq.com>
Date: Tue, 24 Jun 2025 15:07:52 +0200
Subject: [PATCH 1/7] feat: added kics as a single-sourced repo

Refs: K9VULN-5661
---
 .gitignore                                    |  6 ++++
 .../iac_scanning/_index.md                    | 28 +++++++++++++++++++
 .../iac_scanning/iac_scanning_rules/_index.md |  0
 .../iac_scanning_rules/terraform/_index.md    |  0
 .../terraform/aws/_index.md                   |  0
 .../terraform/azure/_index.md                 |  0
 .../terraform/gcp/_index.md                   |  0
 .../py/build/configurations/pull_config.yaml  | 13 +++++++++
 .../configurations/pull_config_preview.yaml   | 13 +++++++++
 9 files changed, 60 insertions(+)
 create mode 100644 content/en/security/cloud_security_management/iac_scanning/_index.md
 create mode 100644 content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/_index.md
 create mode 100644 content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/_index.md
 create mode 100644 content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/aws/_index.md
 create mode 100644 content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/azure/_index.md
 create mode 100644 content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/gcp/_index.md

diff --git a/.gitignore b/.gitignore
index d5a291805bc98..878438268b0ef 100644
--- a/.gitignore
+++ b/.gitignore
@@ -127,6 +127,12 @@ content/en/code_analysis/static_analysis_rules/_index.md
 content/en/security/code_security/static_analysis/static_analysis_rules/*
 !content/en/security/code_security/static_analysis/static_analysis_rules/_index.md
 
+# IaC Kics Rules
+content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/**
+!content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/*/
+!content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/*/*/
+!content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/**/_index.md
+
 # Let's keep these so we don't accidentally re-add them to repo
 content/en/continuous_integration/static_analysis/github_actions.md
 content/en/continuous_integration/static_analysis/circleci_orbs.md
diff --git a/content/en/security/cloud_security_management/iac_scanning/_index.md b/content/en/security/cloud_security_management/iac_scanning/_index.md
new file mode 100644
index 0000000000000..c557a9619040e
--- /dev/null
+++ b/content/en/security/cloud_security_management/iac_scanning/_index.md
@@ -0,0 +1,28 @@
+---
+title: IaC Scanning
+further_reading:
+  - link: "/security/cloud_security_management/setup/iac_scanning"
+    tag: "Documentation"
+    text: "Setting up IaC Scanning"
+  - link: "https://www.datadoghq.com/blog/iac-scanning-tools/"
+    tag: "Blog"
+    text: "Building on open source IaC scanning tools with Datadog"
+---
+
+{{< callout url="https://www.datadoghq.com/product-preview/iac-security/" >}}
+  Static Infrastructure as Code (IaC) scanning is in Preview. To request access, complete the form.
+{{< /callout >}}
+
+Static Infrastructure as Code (IaC) scanning integrates with version control systems, such as GitHub, to detect misconfigurations in cloud resources defined by Terraform. The scanning results are displayed in two primary locations: within pull requests during code modifications and on the **Findings** page within Cloud Security.
+
+<div class="alert alert-info">Static IaC scanning supports GitHub for version control and Terraform for infrastructure as code.</div>
+
+{{< img src="security/csm/iac_scanning_explorer3.png" alt="Cloud Security Findings page displaying detected misconfigurations in cloud resources" width="100%">}}
+
+When you click on a finding, the side panel reveals additional details, including a short description of the IaC rule related to the finding and a preview of the offending code.
+
+{{< img src="security/csm/iac_scanning_finding_2.png" alt="Finding side panel highlighting undefined EBS volume encryption in Terraform code." width="100%">}}
+
+## Further reading
+
+{{< partial name="whats-next/whats-next.html" >}}
\ No newline at end of file
diff --git a/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/_index.md b/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/_index.md
new file mode 100644
index 0000000000000..e69de29bb2d1d
diff --git a/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/_index.md b/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/_index.md
new file mode 100644
index 0000000000000..e69de29bb2d1d
diff --git a/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/aws/_index.md b/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/aws/_index.md
new file mode 100644
index 0000000000000..e69de29bb2d1d
diff --git a/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/azure/_index.md b/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/azure/_index.md
new file mode 100644
index 0000000000000..e69de29bb2d1d
diff --git a/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/gcp/_index.md b/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/gcp/_index.md
new file mode 100644
index 0000000000000..e69de29bb2d1d
diff --git a/local/bin/py/build/configurations/pull_config.yaml b/local/bin/py/build/configurations/pull_config.yaml
index cdd82d1adfa71..e9105e705669f 100644
--- a/local/bin/py/build/configurations/pull_config.yaml
+++ b/local/bin/py/build/configurations/pull_config.yaml
@@ -621,3 +621,16 @@
                 dependencies: ["https://github.com/DataDog/dd-trace-rb/blob/release/docs/legacy/Compatibility-v1.md"]
                 title: (Legacy) Ruby Compatibility Requirements
 
+      - repo_name: kics
+        contents:
+          - action: pull-and-push-folder
+            branch: benjamin.chouraqui/write-script-to-generate-markdown-files
+            globs:
+            - documentation/rules/**/**/*.md
+            options:
+              dest_dir: '/security/cloud_security_management/iac_scanning/iac_scanning_rules/'
+              path_to_remove: 'documentation/rules'
+              front_matters:
+                dependencies: ["https://github.com/DataDog/kics/blob/4a03fdb28eaa41cb1735b9eaa34afb911579088a/documentation/frontmatter.yaml"]
+                title: DataDog IaC Kics Rules
+
diff --git a/local/bin/py/build/configurations/pull_config_preview.yaml b/local/bin/py/build/configurations/pull_config_preview.yaml
index 93c48d903f17a..f15424e33a3a3 100644
--- a/local/bin/py/build/configurations/pull_config_preview.yaml
+++ b/local/bin/py/build/configurations/pull_config_preview.yaml
@@ -620,3 +620,16 @@
               front_matters:
                 dependencies: ["https://github.com/DataDog/dd-trace-rb/blob/release/docs/legacy/Compatibility-v1.md"]
                 title: (Legacy) Ruby Compatibility Requirements
+
+      - repo_name: kics
+        contents:
+          - action: pull-and-push-folder
+            branch: benjamin.chouraqui/write-script-to-generate-markdown-files
+            globs:
+            - documentation/rules/**/**/*.md
+            options:
+              dest_dir: '/security/cloud_security_management/iac_scanning/iac_scanning_rules/'
+              path_to_remove: 'documentation/rules'
+              front_matters:
+                dependencies: ["https://github.com/DataDog/kics/blob/4a03fdb28eaa41cb1735b9eaa34afb911579088a/documentation/frontmatter.yaml"]
+                title: DataDog IaC Kics Rules

From 4ff04e5eaf555ee6bb9c2eabbcf53067c76b05b6 Mon Sep 17 00:00:00 2001
From: Benjamin Chouraqui <benjamin.chouraqui@datadoghq.com>
Date: Tue, 24 Jun 2025 15:20:25 +0200
Subject: [PATCH 2/7] style: moved the files to the right place

Refs: K9VULN-5661
---
 .gitignore                                    |  8 +++---
 .../iac_scanning/_index.md                    | 28 -------------------
 .../iac_security_rules}/_index.md             |  0
 .../iac_security_rules}/terraform/_index.md   |  0
 .../terraform/aws/_index.md                   |  0
 .../terraform/azure/_index.md                 |  0
 .../terraform/gcp/_index.md                   |  0
 7 files changed, 4 insertions(+), 32 deletions(-)
 delete mode 100644 content/en/security/cloud_security_management/iac_scanning/_index.md
 rename content/en/security/{cloud_security_management/iac_scanning/iac_scanning_rules => code_security/iac_security/iac_security_rules}/_index.md (100%)
 rename content/en/security/{cloud_security_management/iac_scanning/iac_scanning_rules => code_security/iac_security/iac_security_rules}/terraform/_index.md (100%)
 rename content/en/security/{cloud_security_management/iac_scanning/iac_scanning_rules => code_security/iac_security/iac_security_rules}/terraform/aws/_index.md (100%)
 rename content/en/security/{cloud_security_management/iac_scanning/iac_scanning_rules => code_security/iac_security/iac_security_rules}/terraform/azure/_index.md (100%)
 rename content/en/security/{cloud_security_management/iac_scanning/iac_scanning_rules => code_security/iac_security/iac_security_rules}/terraform/gcp/_index.md (100%)

diff --git a/.gitignore b/.gitignore
index 878438268b0ef..69d6343c203c0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -128,10 +128,10 @@ content/en/security/code_security/static_analysis/static_analysis_rules/*
 !content/en/security/code_security/static_analysis/static_analysis_rules/_index.md
 
 # IaC Kics Rules
-content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/**
-!content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/*/
-!content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/*/*/
-!content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/**/_index.md
+content/en/security/code_security/iac_security/iac_security_rules/**
+!content/en/security/code_security/iac_security/iac_security_rules/*/
+!content/en/security/code_security/iac_security/iac_security_rules/*/*/
+!content/en/security/code_security/iac_security/iac_security_rules/**/_index.md
 
 # Let's keep these so we don't accidentally re-add them to repo
 content/en/continuous_integration/static_analysis/github_actions.md
diff --git a/content/en/security/cloud_security_management/iac_scanning/_index.md b/content/en/security/cloud_security_management/iac_scanning/_index.md
deleted file mode 100644
index c557a9619040e..0000000000000
--- a/content/en/security/cloud_security_management/iac_scanning/_index.md
+++ /dev/null
@@ -1,28 +0,0 @@
----
-title: IaC Scanning
-further_reading:
-  - link: "/security/cloud_security_management/setup/iac_scanning"
-    tag: "Documentation"
-    text: "Setting up IaC Scanning"
-  - link: "https://www.datadoghq.com/blog/iac-scanning-tools/"
-    tag: "Blog"
-    text: "Building on open source IaC scanning tools with Datadog"
----
-
-{{< callout url="https://www.datadoghq.com/product-preview/iac-security/" >}}
-  Static Infrastructure as Code (IaC) scanning is in Preview. To request access, complete the form.
-{{< /callout >}}
-
-Static Infrastructure as Code (IaC) scanning integrates with version control systems, such as GitHub, to detect misconfigurations in cloud resources defined by Terraform. The scanning results are displayed in two primary locations: within pull requests during code modifications and on the **Findings** page within Cloud Security.
-
-<div class="alert alert-info">Static IaC scanning supports GitHub for version control and Terraform for infrastructure as code.</div>
-
-{{< img src="security/csm/iac_scanning_explorer3.png" alt="Cloud Security Findings page displaying detected misconfigurations in cloud resources" width="100%">}}
-
-When you click on a finding, the side panel reveals additional details, including a short description of the IaC rule related to the finding and a preview of the offending code.
-
-{{< img src="security/csm/iac_scanning_finding_2.png" alt="Finding side panel highlighting undefined EBS volume encryption in Terraform code." width="100%">}}
-
-## Further reading
-
-{{< partial name="whats-next/whats-next.html" >}}
\ No newline at end of file
diff --git a/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/_index.md b/content/en/security/code_security/iac_security/iac_security_rules/_index.md
similarity index 100%
rename from content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/_index.md
rename to content/en/security/code_security/iac_security/iac_security_rules/_index.md
diff --git a/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/_index.md b/content/en/security/code_security/iac_security/iac_security_rules/terraform/_index.md
similarity index 100%
rename from content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/_index.md
rename to content/en/security/code_security/iac_security/iac_security_rules/terraform/_index.md
diff --git a/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/aws/_index.md b/content/en/security/code_security/iac_security/iac_security_rules/terraform/aws/_index.md
similarity index 100%
rename from content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/aws/_index.md
rename to content/en/security/code_security/iac_security/iac_security_rules/terraform/aws/_index.md
diff --git a/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/azure/_index.md b/content/en/security/code_security/iac_security/iac_security_rules/terraform/azure/_index.md
similarity index 100%
rename from content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/azure/_index.md
rename to content/en/security/code_security/iac_security/iac_security_rules/terraform/azure/_index.md
diff --git a/content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/gcp/_index.md b/content/en/security/code_security/iac_security/iac_security_rules/terraform/gcp/_index.md
similarity index 100%
rename from content/en/security/cloud_security_management/iac_scanning/iac_scanning_rules/terraform/gcp/_index.md
rename to content/en/security/code_security/iac_security/iac_security_rules/terraform/gcp/_index.md

From 830e4f78ee0d7bd29487353e1fc6bd45d2bff5dd Mon Sep 17 00:00:00 2001
From: Benjamin Chouraqui <benjamin.chouraqui@datadoghq.com>
Date: Tue, 24 Jun 2025 19:02:35 +0200
Subject: [PATCH 3/7] style: moved the IaC files to the new place thy're
 supposed to be

Also added them to the menu

Refs: K9VULN-5661
---
 .gitignore                                                  | 6 ++----
 config/_default/menus/main.en.yaml                          | 5 +++++
 .../iac_security/iac_security_rules/terraform/_index.md     | 0
 .../iac_security/iac_security_rules/terraform/aws/_index.md | 0
 .../iac_security_rules/terraform/azure/_index.md            | 0
 .../iac_security/iac_security_rules/terraform/gcp/_index.md | 0
 go.mod                                                      | 2 +-
 go.sum                                                      | 4 ++--
 local/bin/py/build/configurations/pull_config.yaml          | 4 ++--
 local/bin/py/build/configurations/pull_config_preview.yaml  | 4 ++--
 10 files changed, 14 insertions(+), 11 deletions(-)
 delete mode 100644 content/en/security/code_security/iac_security/iac_security_rules/terraform/_index.md
 delete mode 100644 content/en/security/code_security/iac_security/iac_security_rules/terraform/aws/_index.md
 delete mode 100644 content/en/security/code_security/iac_security/iac_security_rules/terraform/azure/_index.md
 delete mode 100644 content/en/security/code_security/iac_security/iac_security_rules/terraform/gcp/_index.md

diff --git a/.gitignore b/.gitignore
index 69d6343c203c0..d2c5424f20ce5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -128,10 +128,8 @@ content/en/security/code_security/static_analysis/static_analysis_rules/*
 !content/en/security/code_security/static_analysis/static_analysis_rules/_index.md
 
 # IaC Kics Rules
-content/en/security/code_security/iac_security/iac_security_rules/**
-!content/en/security/code_security/iac_security/iac_security_rules/*/
-!content/en/security/code_security/iac_security/iac_security_rules/*/*/
-!content/en/security/code_security/iac_security/iac_security_rules/**/_index.md
+content/en/security/code_security/iac_security/iac_security_rules/*
+!content/en/security/code_security/iac_security/iac_security_rules/_index.md
 
 # Let's keep these so we don't accidentally re-add them to repo
 content/en/continuous_integration/static_analysis/github_actions.md
diff --git a/config/_default/menus/main.en.yaml b/config/_default/menus/main.en.yaml
index 4861d2e058a20..6e4347c79709d 100644
--- a/config/_default/menus/main.en.yaml
+++ b/config/_default/menus/main.en.yaml
@@ -6946,6 +6946,11 @@ menu:
       url: /security/code_security/iac_security/exclusions/
       parent: code_security_iac_security
       weight: 100001
+    - name: Rules
+      identifier: code_security_iac_security_rules
+      url: /security/code_security/iac_security/iac_security_rules/
+      parent: code_security_iac_security
+      weight: 100002
     - name: Developer Tool Integrations
       identifier: dev_tool_int
       url: /security/code_security/dev_tool_int/
diff --git a/content/en/security/code_security/iac_security/iac_security_rules/terraform/_index.md b/content/en/security/code_security/iac_security/iac_security_rules/terraform/_index.md
deleted file mode 100644
index e69de29bb2d1d..0000000000000
diff --git a/content/en/security/code_security/iac_security/iac_security_rules/terraform/aws/_index.md b/content/en/security/code_security/iac_security/iac_security_rules/terraform/aws/_index.md
deleted file mode 100644
index e69de29bb2d1d..0000000000000
diff --git a/content/en/security/code_security/iac_security/iac_security_rules/terraform/azure/_index.md b/content/en/security/code_security/iac_security/iac_security_rules/terraform/azure/_index.md
deleted file mode 100644
index e69de29bb2d1d..0000000000000
diff --git a/content/en/security/code_security/iac_security/iac_security_rules/terraform/gcp/_index.md b/content/en/security/code_security/iac_security/iac_security_rules/terraform/gcp/_index.md
deleted file mode 100644
index e69de29bb2d1d..0000000000000
diff --git a/go.mod b/go.mod
index 011f55d2102a5..e7d45b1083458 100644
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.14
 
 require (
 	github.com/DataDog/websites-modules v1.4.235 // indirect
-	github.com/DataDog/websites-sources v0.0.0-20250606082516-6e5a26ff9d0e // indirect
+	github.com/DataDog/websites-sources v0.0.0-20250623110041-abe36d54e0a9 // indirect
 )
 
 // replace github.com/DataDog/websites-modules => /Users/lisiane.turlure/guac/websites-modules
diff --git a/go.sum b/go.sum
index 08bad025832ea..bc2a9a9a2f3e5 100644
--- a/go.sum
+++ b/go.sum
@@ -1,4 +1,4 @@
 github.com/DataDog/websites-modules v1.4.235 h1:4mHFdC2YH3w9zdxYuqShgr7Z8rgHPppxWFMKwM32GFU=
 github.com/DataDog/websites-modules v1.4.235/go.mod h1:CcQxAmCXoiFr3hNw6Q+1si65C3uOP1gB+7aX4S3h+CQ=
-github.com/DataDog/websites-sources v0.0.0-20250606082516-6e5a26ff9d0e h1:F4Khh33ikLmXpHrBaz4vgoBusJhjQGVn/iavRxGsXiU=
-github.com/DataDog/websites-sources v0.0.0-20250606082516-6e5a26ff9d0e/go.mod h1:RvGhXV0uQC6Ocs+n84QyL97kows6vg6VG5ZLQMHw4Fs=
+github.com/DataDog/websites-sources v0.0.0-20250623110041-abe36d54e0a9 h1:SnmbIKBA0iKvyyBh7j3PdgOLS45DgAreBJBMBT2qPJQ=
+github.com/DataDog/websites-sources v0.0.0-20250623110041-abe36d54e0a9/go.mod h1:RvGhXV0uQC6Ocs+n84QyL97kows6vg6VG5ZLQMHw4Fs=
diff --git a/local/bin/py/build/configurations/pull_config.yaml b/local/bin/py/build/configurations/pull_config.yaml
index e9105e705669f..76388f4b47ca5 100644
--- a/local/bin/py/build/configurations/pull_config.yaml
+++ b/local/bin/py/build/configurations/pull_config.yaml
@@ -628,8 +628,8 @@
             globs:
             - documentation/rules/**/**/*.md
             options:
-              dest_dir: '/security/cloud_security_management/iac_scanning/iac_scanning_rules/'
-              path_to_remove: 'documentation/rules'
+              dest_dir: '/security/code_security/iac_security/iac_security_rules/'
+              path_to_remove: 'documentation/'
               front_matters:
                 dependencies: ["https://github.com/DataDog/kics/blob/4a03fdb28eaa41cb1735b9eaa34afb911579088a/documentation/frontmatter.yaml"]
                 title: DataDog IaC Kics Rules
diff --git a/local/bin/py/build/configurations/pull_config_preview.yaml b/local/bin/py/build/configurations/pull_config_preview.yaml
index f15424e33a3a3..20c1024a007b2 100644
--- a/local/bin/py/build/configurations/pull_config_preview.yaml
+++ b/local/bin/py/build/configurations/pull_config_preview.yaml
@@ -628,8 +628,8 @@
             globs:
             - documentation/rules/**/**/*.md
             options:
-              dest_dir: '/security/cloud_security_management/iac_scanning/iac_scanning_rules/'
-              path_to_remove: 'documentation/rules'
+              dest_dir: '/security/code_security/iac_security/iac_security_rules/'
+              path_to_remove: 'documentation/'
               front_matters:
                 dependencies: ["https://github.com/DataDog/kics/blob/4a03fdb28eaa41cb1735b9eaa34afb911579088a/documentation/frontmatter.yaml"]
                 title: DataDog IaC Kics Rules

From c7dc458a58c4182861b152f71cec4a9577beb82b Mon Sep 17 00:00:00 2001
From: Benjamin Chouraqui <benjamin.chouraqui@datadoghq.com>
Date: Thu, 26 Jun 2025 12:18:33 +0200
Subject: [PATCH 4/7] feat: added filters on the IaC rules page

Refs: K9VULN-5661, K9VULN-5662
---
 .../iac_security/iac_security_rules/_index.md |  50 +++
 go.mod                                        |   2 +-
 go.sum                                        |   4 +-
 layouts/iac_security/list.html                | 406 ++++++++++++++++++
 4 files changed, 459 insertions(+), 3 deletions(-)
 create mode 100644 layouts/iac_security/list.html

diff --git a/content/en/security/code_security/iac_security/iac_security_rules/_index.md b/content/en/security/code_security/iac_security/iac_security_rules/_index.md
index e69de29bb2d1d..6538dfb6d37ec 100644
--- a/content/en/security/code_security/iac_security/iac_security_rules/_index.md
+++ b/content/en/security/code_security/iac_security/iac_security_rules/_index.md
@@ -0,0 +1,50 @@
+---
+title: IaC Rules
+description: View rules for multiple languages for Static Code Analysis.
+aliases:
+- /continuous_integration/static_analysis/rules
+- /static_analysis/rules
+- /code_analysis/static_analysis_rules
+- /security/code_security/static_analysis_rules
+is_beta: false
+type: iac_security
+  
+cascade:
+  modal:
+    title: Try this rule and analyze your code with Datadog Code Security
+    top_box:
+      title: How to use this rule
+      steps:
+        - Create a static-analysis.datadog.yml with the content above at the root of your repository
+        - Use our free IDE Plugins or add Code Security scans to your CI pipelines
+        - Get feedback on your code
+      footer: For more information, please read the <a href="/security/code_security/">Code Security documentation</a>
+    footer:
+      text: Use Datadog Code Security to catch code issues at every step of your development process
+      link:
+        name: Datadog Code Security
+        url: https://www.datadoghq.com/product/code-security/
+
+  banner:
+    title: "<span>Seamless integrations.</span> Try Datadog Code Security"
+    link:
+      name: Datadog Code Security
+      url: https://www.datadoghq.com/product/code-security/
+
+further_reading:
+  - link: "/security/code_security/"
+    tag: "Documentation"
+    text: "Learn about Datadog Code Security"
+---
+
+{{% site-region region="gov" %}}
+<div class="alert alert-danger">
+    Code Security is not available for the {{< region-param key="dd_site_name" >}} site.
+</div>
+{{% /site-region %}}
+
+## Overview
+
+Datadog Static Code Analysis provides out-of-the-box rules to help detect security vulnerabilities, bugs, and maintainability issues in your codebase. For more information, see the [Setup documentation][1].
+
+[1]: /security/code_security/static_analysis/setup/
diff --git a/go.mod b/go.mod
index e7d45b1083458..d7e4448886fb9 100644
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.14
 
 require (
 	github.com/DataDog/websites-modules v1.4.235 // indirect
-	github.com/DataDog/websites-sources v0.0.0-20250623110041-abe36d54e0a9 // indirect
+	github.com/DataDog/websites-sources v0.0.0-20250625141626-f25b35e87032 // indirect
 )
 
 // replace github.com/DataDog/websites-modules => /Users/lisiane.turlure/guac/websites-modules
diff --git a/go.sum b/go.sum
index bc2a9a9a2f3e5..e4a5d9fcc3190 100644
--- a/go.sum
+++ b/go.sum
@@ -1,4 +1,4 @@
 github.com/DataDog/websites-modules v1.4.235 h1:4mHFdC2YH3w9zdxYuqShgr7Z8rgHPppxWFMKwM32GFU=
 github.com/DataDog/websites-modules v1.4.235/go.mod h1:CcQxAmCXoiFr3hNw6Q+1si65C3uOP1gB+7aX4S3h+CQ=
-github.com/DataDog/websites-sources v0.0.0-20250623110041-abe36d54e0a9 h1:SnmbIKBA0iKvyyBh7j3PdgOLS45DgAreBJBMBT2qPJQ=
-github.com/DataDog/websites-sources v0.0.0-20250623110041-abe36d54e0a9/go.mod h1:RvGhXV0uQC6Ocs+n84QyL97kows6vg6VG5ZLQMHw4Fs=
+github.com/DataDog/websites-sources v0.0.0-20250625141626-f25b35e87032 h1:LFmm+r+X6KmYvAmp6/vjg3J3rqvF/gRoL1QXcj8L/ds=
+github.com/DataDog/websites-sources v0.0.0-20250625141626-f25b35e87032/go.mod h1:RvGhXV0uQC6Ocs+n84QyL97kows6vg6VG5ZLQMHw4Fs=
diff --git a/layouts/iac_security/list.html b/layouts/iac_security/list.html
new file mode 100644
index 0000000000000..a43e65849f8eb
--- /dev/null
+++ b/layouts/iac_security/list.html
@@ -0,0 +1,406 @@
+{{ define "main" }}
+    {{ $dot := . }}
+
+    <!-- From imported files -->
+    {{ $list := sort .Pages }}
+    
+
+    <div class="row">
+        <div class="col-12 order-1">
+            <h1 id="pagetitle">{{ .Title }}</h1>
+        </div>
+        <div class="col-12">
+            {{ partial "breadcrumbs.html" . }}
+        </div>
+    </div>
+     
+    {{ partial "translate_status_banner/translate_status_banner.html" . }}
+    {{ .Content }}
+
+    {{ $products := slice }}
+    {{ $ruleset_params := .Params }}
+    {{ $pad := newScratch }}
+
+    <!-- Build slice of unique cloud_providers to validate against url param `cloud_providers` on page load -->
+    {{ range ($list.GroupByParam "group_id") }}
+        {{ range .Pages }}
+            {{ $pad.Set "cloud_providers" ( union ($pad.Get "cloud_providers") (slice (( .Params.meta.cloud_provider ))) ) }}
+        {{ end }}
+    {{ end }}
+
+    {{ $valid_clouds := $pad.Get "cloud_providers" }}
+    <div 
+    class="multifilter-search-component w-100 min-vh-100 d-flex flex-column"
+    x-data="{
+        filterTypes: {
+            cloud_providers: [],
+            categories: [],
+            severities: []
+        },
+        searchValue: '',
+        openedFilterForm: null,
+        showEmptyResultsMsg: false,
+        filteredRulesets: new Set(),
+        resetFilteredRulesets () {
+            // Empty filtered rulesets
+
+            this.filteredRulesets = new Set()
+        },
+        shouldShowRuleSet (ruleset, shouldShowRule) {
+            // Manage visibility of ruleset group
+
+            const rulesetID = ruleset.dataset.groupId
+
+            if(shouldShowRule){
+                this.filteredRulesets.add(rulesetID)
+                ruleset.classList.remove('d-none')
+            }else if (!this.filteredRulesets.has(rulesetID)){
+                ruleset.classList.add('d-none')
+            }
+        },
+        shouldShowRule (ruleEl) {
+            // Determines rule display
+            // Compares search values and filter values against ruleInfo
+            
+            const ruleInfo = ruleEl.dataset.info.split(';')
+            const ruleFilterInfo = ruleInfo[0].toLowerCase().split(',')
+            const ruleSearchInfo = ruleInfo.slice(1).join(' ').toLowerCase()
+
+            const filterValues = Object.values(this.filterTypes)
+            const searchValues = this.searchValue.split(' ')
+
+            /**
+            *   FILTER LOGIC (containsFilteredValue) e.g.
+            *   {
+            *      cloud_providers: [aws, azure],
+            *      categories: [severity],
+            *      severities: [warning]
+            *   }
+            *   show ruleEl if condition met ('Javascript' OR 'Docker') AND Security AND Warning
+            */
+
+            const containsFilteredValue = filterValues.every(t => t.length ? t.some(f => ruleFilterInfo.includes(f.split(',')[0].toLowerCase())) : true ) // checks filter attrs match at least one filter value. allows for multiple selection of a filter type.
+            const containsSearchValues = searchValues.every(word => ruleSearchInfo.includes(word.toLowerCase())) // checks search attrs match a typed query
+
+            this.shouldShowRuleSet(ruleEl.closest('.ruleset'), containsSearchValues && containsFilteredValue)
+
+            if(containsSearchValues && containsFilteredValue){
+                ruleEl.classList.add('show')
+            }else{
+                ruleEl.classList.remove('show')    
+            }
+
+            return containsSearchValues && containsFilteredValue
+        },
+        pushState (filterType=undefined, filterOption=undefined) {
+            // Updates url with new query params for filter type and search without refreshing the page
+
+            const url = new URL(window.location.href)
+            let newURL = ''
+            if(filterType){
+                if(!url.searchParams.getAll(filterType).includes(filterOption)){
+                    // add one key:value param
+                    url.searchParams.append(filterType, filterOption)
+                }else{
+                    // remove one key:value param
+                    const regex = new RegExp(`([\\&\\?])${filterType}=${filterOption.replace(' ', '\\+')}(?=\&|$)`, 'g');
+                    newURL = url.toString().replaceAll(regex, '').replace('/&', '/?')
+                }
+                if(!this.filterTypes[filterType].length) {
+                    url.searchParams.delete(filterType)
+                }
+            }else {
+                url.searchParams.set('search', this.searchValue)
+                if(!this.searchValue) {
+                    url.searchParams.delete('search')
+                }
+            }
+
+            window.history.pushState(null,'', newURL || url.toString())
+        },
+        updateWithURLParams (validClouds) {
+            // Updates x-data properties with url param values
+            
+            const validCloudsArr = validClouds.replaceAll(/[\[\]]/g, '').split(' ')
+            const url = new URL(window.location.href)
+            const cloudAliasMap = validCloudsArr.reduce((acc,l) => {
+                // map to appropriate cloud display name 
+                const [cloud, displayName] = l.split(';')
+                acc[cloud.toLowerCase()] = displayName
+                return acc
+            }, {})
+            
+            Array.from(url.searchParams.entries()).forEach(([key, value]) => {
+                if (key === 'search'){
+                    this.searchValue = value
+                } else if ((key === 'cloud_providers') && validCloudsArr.some(l => l.replace(/\;\w./, '').toLowerCase() === value.toLowerCase())){
+                    const logoName = this.cloud_providers[value.toLowerCase()] ?? value
+                    const displayName = cloudAliasMap[value.toLowerCase()] ?? value
+                    const cloudLookupName = cloudAliasMap[value.toLowerCase()] ? `,${value}`: ''
+                    this.filterTypes[key].push(`${displayName},https://static.datadoghq.com/static/images/logos/${logoName.toLowerCase()}_avatar.svg${cloudLookupName}`)
+                } else if (key != 'cloud_providers'){
+                    this.filterTypes[key]?.push(value)
+                }
+            })
+        },
+        toggleRuleSet (selectedRulesetEl) {
+            // Manage ruleset accordians
+
+            selectedRulesetEl.classList.toggle('active')
+            selectedRulesetEl.previousElementSibling.classList.toggle('d-none')
+        },
+        toggleFilterForm (selectedFilterFormEl) {
+            // manage filter form accordian
+
+            const filterTypeID = selectedFilterFormEl.dataset.id
+            this.openedFilterForm = (this.openedFilterForm === filterTypeID) ? null : filterTypeID
+        },
+        copyHref (selectedRuleEl) {
+            // Copy href
+
+            const clickableIconWrapper = selectedRuleEl
+            const copyConfirmedIconWrapper = clickableIconWrapper.nextElementSibling
+            const anchor = clickableIconWrapper.dataset.anchor
+            const {pathname, origin} = window.location
+            const path = new URL(`${origin}${pathname}${anchor}`)
+
+            const Clipboard = navigator.clipboard
+            // write href to clipboard
+            Clipboard.writeText(path.href).then(() => {
+                clickableIconWrapper.classList.add('d-none');
+                copyConfirmedIconWrapper.classList.remove('d-none')
+                setTimeout(function() {
+                    clickableIconWrapper.classList.remove('d-none');
+                    copyConfirmedIconWrapper.classList.add('d-none')
+                }, 1000)
+            })
+        },
+        deleteOneSelection (filterType, filterOption) {
+            // delete one filterOption from selections in filter toggler
+
+            this.filterTypes[filterType] = this.filterTypes[filterType].filter(s => s !== filterOption)
+
+            const [displayName,_,cloudLookupName] = filterOption.split(',')
+            const filterName = cloudLookupName || displayName
+            this.pushState(filterType, filterName)
+        },
+        deleteAllSelections (filterType) {
+            // delete all selections of a filter type from filter toggler and url params
+
+            this.filterTypes[filterType] = []
+            this.openedFilterForm = null
+            const url = new URL(window.location.href)
+            url.searchParams.delete(filterType)
+            window.history.pushState(null,'', url.toString())
+        },
+        emptyResultsMsg () {
+            // Determine and return the appropriate empty results message
+
+            const filterValues = Object.values(this.filterTypes).flat().map(item => item.split(',')[0]).join(', ')
+            if(filterValues.length && this.searchValue){
+                return `No results found for query on search: '${this.searchValue}' and filter: '${filterValues}'`
+            }else{
+                return `No results found for query '${this.searchValue || filterValues}'`
+            }
+        }
+    }"
+    x-init="updateWithURLParams('{{$valid_clouds}}')">
+        {{/*  DATA TABLE  */}}
+        <div class="col-12 order-1">
+            <div class="ps-0">
+                {{ range $list.GroupByParam "group_id" }}
+                {{ $group_id := .Key }}
+                {{ $ruleset_title := index (index $ruleset_params.rulesets .Key) "title"}}
+                {{ $ruleset_description := index (index $ruleset_params.rulesets .Key) "description"}}
+                <div
+                data-group-id="{{ $group_id }}" 
+                class="ruleset d-flex flex-column"
+                id="{{ $group_id }}"
+                >
+                    <div class="ruleset-body mb-3 order-1">
+                        <div class="d-flex flex-column">
+                            <span class="m-0">{{printf "Ruleset ID: %s" .Key}}</span>
+                            <span class="ruleset-description m-0">{{$ruleset_description | markdownify}}</span>
+                        </div>
+                        <div class="ps-0 mt-1">
+                            {{ range .Pages }}
+                            {{ $rule_cloud_provider := ( .Params.meta.cloud_provider ) }}
+                            {{/*  
+                                build a string with rule's lookup info for filtering and searching against
+                            */}}
+                            {{ $rule_id := index (split .Params.meta.name "/") 1}}
+                            {{ $filter_info := (printf "%s,%s,%s,%s" .Params.meta.cloud_provider .Params.meta.category .Params.meta.severity .Params.meta.cloud_provider) }}
+                            {{ $rule_info := (replaceRE "(`|')" "" (delimit (slice $filter_info ($rule_id|lower) ($ruleset_description|lower) $ruleset_title .Params.group_id .Title ) ";")) }}
+                            <div 
+                            class="rule d-flex justify-content-between border p-1 position-relative"
+                            data-info="{{ $rule_info }}"
+                            data-name="{{ .Title }}"
+                            x-cloak x-show.important="shouldShowRule($el)"
+                            >
+                                <div class="rule-name-container d-flex align-items-center">
+                                    {{ $int_logo := partial "integrations-logo.html" (dict "context" $dot "basename" $rule_cloud_provider "variant" "avatar") }}
+                                    {{ if $int_logo }}
+                                    <img src="{{ $int_logo }}" height="18" alt="{{$int_logo}}"/>
+                                    {{ end }}
+                                    <a href="{{.Permalink}}" class="stretched-link">{{.Title}}</a>
+                                </div>
+                                <div class="d-flex justify-content-end">
+                                    <span class="d-none d-md-block">{{ $rule_id }}</span>
+                                    <div class="ruleset-header__arrow fw-semibold ms-1">></div>
+                                </div>
+                            </div>
+                            
+                            {{/*  
+                                build object with unique values for filter dropdowns (.filter-selection-container)
+                                e.g:
+                                filters: {
+                                    Cloud_Provider: [],
+                                    Category: [],
+                                    Severity: {}
+                                }
+                            */}}
+                            {{ $pad.SetInMap "filters" "Cloud_Providers" (union (index ($pad.Get "filters") "Cloud_Providers") (slice .Params.meta.cloud_provider)) }}
+                            {{ $pad.SetInMap "filters" "Categories" (union (index ($pad.Get "filters") "Categories") (slice .Params.meta.category)) }}
+                            {{ $pad.SetInMap "filters" "Severities" (merge (index ($pad.Get "filters") "Severities") (dict (string .Params.meta.severity) .Params.meta.severity)) }}
+                            {{/*  
+                                build object of arrays with unique cloud provider for each ruleset header (.ruleset-header )
+                                cloudProvidersByRuleset: {
+                                    rulesetID: [<cloud_providers>],
+                                    ...
+                                }    
+                            */}}
+                            {{ $pad.SetInMap "cloudProviderByRuleSet" $group_id (union (index ($pad.Get "cloudProviderByRuleSet") $group_id) (slice $rule_cloud_provider)) }}
+                            {{ end }}
+                        </div>
+                    </div>
+
+                    {{/* RULESET-HEADER - Keep here. scratch pad for cloudProviderByRuleSet needs to build first */}}
+                    <button
+                    data-header-id="{{ $group_id }}" 
+                    class="ruleset-header w-100 border mb-1 d-flex align-items-center justify-content-between"
+                    @click="toggleRuleSet($el)"
+                    >
+                        <div class="d-flex align-items-center h-100">
+                            {{$ruleset_cloud_providers := index ($pad.Get "cloudProviderByRuleSet") $group_id}}
+                            <div class="d-flex align-items-center h-100">
+                                {{ $int_logo := partial "integrations-logo.html" (dict "context" $dot "basename" (index $ruleset_cloud_providers 0) "variant" "avatar") }}
+                                {{ if $int_logo }}
+                                <img class="ruleset-header__logo" src="{{ $int_logo }}" height="18" alt="{{$int_logo}}"/>
+                                {{ if gt (len $ruleset_cloud_providers) 1 }}
+                                <span class="ruleset-header__plus fw-semibold">+{{sub (len $ruleset_cloud_providers) 1}}</span>
+                                {{ end }}
+                                {{ end }}
+                            </div>
+                            <span class="ruleset-header__text fw-semibold">{{$ruleset_title}}</span>
+                            <span data-anchor="#{{$group_id}}" @click.stop="copyHref($el)">{{ partial "icon" (dict "name" "click" "title" (printf "copy anchor for %s" $ruleset_title) ) }}</span>
+                            <span class="d-none">{{ partial "icon" (dict "name" "check-bold" "color" "#7c3eb9" ) }}</span>
+                        </div>
+                        <div class="ruleset-header__arrow fw-semibold">></div>
+                    </button>
+                </div>
+                {{ end }}
+                {{/*  hook into the app lifecycle. $watch for 'filteredRulesets' to change and update the 'showEmptyResultsMsg' property  */}}
+                <div x-init="showEmptyResultsMsg = !filteredRulesets.size; $watch('filteredRulesets', value => showEmptyResultsMsg = !value.size)">
+                    <template x-if="showEmptyResultsMsg">
+                        <span class="fw-semibold" x-text="emptyResultsMsg"></span>
+                    </template>
+                </div>
+            </div>
+        </div>
+        {{/*  NAV - Keep here. scratch pad for filters need to form first */}}
+        <nav id="multifilter-search-nav" class="container px-0">
+            {{ $filter_types := (slice "Cloud_Providers" "Categories" "Severities") }}
+            <div class="filters__multifilter row">
+                {{ range $filter_types }}
+                {{ $filter_type := . | lower}}
+                <div class='filter-type flex-column col-12 col-md-{{cond (eq $filter_type "cloud_providers") "12" "6" }}' data-id="{{$filter_type}}" >
+                    <p class="filter-type-name fw-semibold">{{ . }}</p>
+                    <div class="filter-component position-relative">
+                        {{/*  FILTER TOGGLER  */}}
+                        <button 
+                        data-id="{{$filter_type}}"
+                        class="toggler w-100 rounded position-relative"
+                        @click.stop="toggleFilterForm($el)">
+                            <div class="selections d-flex">
+                                {{/*  All  */}}
+                                <template x-if="!filterTypes['{{$filter_type}}'].length">
+                                    <span class="all fw-semibold">All</span>
+                                </template>
+                                {{/*  Show filter selections from `filterTypes` data */}}
+                                <template x-for="(filter, idx) in filterTypes['{{$filter_type}}']" :key="idx">
+                                    <div 
+                                    :data-id="filter.split(',')[0].toLowerCase().replaceAll(' ', '-')" 
+                                    class="selection-container rounded d-flex align-items-center">
+                                        <template x-if="filter.split(',')[1]">
+                                            <img :src="filter.split(',')[1]" height="14" alt="filter.split(',')[0]"/>
+                                        </template>
+                                        <span class="selection-name" x-text="filter.split(',')[0]"></span>
+                                        <div 
+                                        :data-id="filter.split(',')[0].toLowerCase().replaceAll(' ', '-')" 
+                                        class="close-light-wrapper" @click.stop="resetFilteredRulesets; deleteOneSelection('{{ $filter_type }}', filter )">
+                                            {{ partial "icon" (dict "name" "close-light_x" "title" "delete" "size" "14px") }}
+                                        </div>
+                                    </div>
+                                </template>
+                            </div>
+                            <div class="overflow-gradient h-100 position-absolute top-0 end-0 rounded-end">
+                                <template x-if="filterTypes['{{$filter_type}}'].length">
+                                    <span class="cancel-circle-wrapper" @click.stop="resetFilteredRulesets; deleteAllSelections('{{ $filter_type }}')">
+                                        {{ partial "icon" (dict "name" "x-circle-solid" "title" "delete all" ) }}
+                                    </span>
+                                </template>
+                                <span class="chevron-wrapper d-flex align-items-center justify-content-center position-relative h-100">
+                                    <div class="chevron chevron-down"></div>
+                                </span>
+                            </div>
+                        </button>
+                        {{/*  FILTER FORM  */}}
+                        <form 
+                        data-id="{{$filter_type}}"
+                        class="d-flex flex-column bg-white rounded position-absolute w-100"
+                        x-cloak x-show.important="openedFilterForm === '{{$filter_type}}'"
+                        @click.outside="openedFilterForm = null"
+                        >
+                            <div class="filter-selection-container">
+                                <span>All</span>
+                            </div>
+                            {{ range index ($pad.Get "filters") . }}
+                            <div class="filter-selection-container">
+
+                                {{ $cloud_lookup_name := . }}
+                                {{ $int_logo := partial "integrations-logo.html" (dict "context" $dot "basename" $cloud_lookup_name "variant" "avatar") }}
+                                {{/*  store $int_logo and $cloud_lookup_name with filter value if $int_logo is present. e.g. "Javascript,int_logo url,<alias name>" */}}
+                                {{ $value := $cloud_lookup_name}}
+                                <input 
+                                id="{{ $cloud_lookup_name | anchorize }}" 
+                                type="checkbox" 
+                                value='{{ $value }}' 
+                                x-model="filterTypes['{{$filter_type}}']"
+                                @change="resetFilteredRulesets"
+                                @change.debounce="pushState('{{ $filter_type }}', '{{ $cloud_lookup_name }}')"
+                                >  
+                                
+                                <label for="{{ $cloud_lookup_name | anchorize }}" class="d-flex align-items-center">
+                                    {{ if $int_logo }}
+                                    <img src="{{ $int_logo }}" height="16" alt="{{ $cloud_lookup_name }}"/>
+                                    {{ end }}
+                                    {{$cloud_lookup_name}}
+                                </label>
+                            </div>
+                            {{ end }}
+                        </form>
+                    </div>                      
+
+                </div>
+                {{ end }}
+            </div>
+            {{/*  SEARCH FORM */}}
+            <form class="search__multifilter" @submit.prevent="">
+                <input type="search" placeholder="Search here" class="w-100 px-1" x-model="searchValue" @input="resetFilteredRulesets" @input.debounce="pushState()">
+            </form>
+          </nav>
+    </div>
+
+    <h2>Further Reading</h2>
+    {{ partial "whats-next/whats-next.html" .}}
+{{ end }}

From 1133f720c0a66e7f896682fc777994c99b4f0e63 Mon Sep 17 00:00:00 2001
From: Benjamin Chouraqui <benjamin.chouraqui@datadoghq.com>
Date: Fri, 27 Jun 2025 11:18:32 +0200
Subject: [PATCH 5/7] style: added names to the rules

Refs: K9VULN-5661
---
 go.mod                         |  2 +-
 go.sum                         |  4 ++--
 layouts/iac_security/list.html | 26 +++++++++++++++-----------
 3 files changed, 18 insertions(+), 14 deletions(-)

diff --git a/go.mod b/go.mod
index d7e4448886fb9..2faa10b892a3d 100644
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.14
 
 require (
 	github.com/DataDog/websites-modules v1.4.235 // indirect
-	github.com/DataDog/websites-sources v0.0.0-20250625141626-f25b35e87032 // indirect
+	github.com/DataDog/websites-sources v0.0.0-20250627063252-5189fcf5174c // indirect
 )
 
 // replace github.com/DataDog/websites-modules => /Users/lisiane.turlure/guac/websites-modules
diff --git a/go.sum b/go.sum
index e4a5d9fcc3190..3e604bb1a9935 100644
--- a/go.sum
+++ b/go.sum
@@ -1,4 +1,4 @@
 github.com/DataDog/websites-modules v1.4.235 h1:4mHFdC2YH3w9zdxYuqShgr7Z8rgHPppxWFMKwM32GFU=
 github.com/DataDog/websites-modules v1.4.235/go.mod h1:CcQxAmCXoiFr3hNw6Q+1si65C3uOP1gB+7aX4S3h+CQ=
-github.com/DataDog/websites-sources v0.0.0-20250625141626-f25b35e87032 h1:LFmm+r+X6KmYvAmp6/vjg3J3rqvF/gRoL1QXcj8L/ds=
-github.com/DataDog/websites-sources v0.0.0-20250625141626-f25b35e87032/go.mod h1:RvGhXV0uQC6Ocs+n84QyL97kows6vg6VG5ZLQMHw4Fs=
+github.com/DataDog/websites-sources v0.0.0-20250627063252-5189fcf5174c h1:0sl+TXCkfytaHeNgpWt46d87mMeRVC+CE3Rtfp0e2vc=
+github.com/DataDog/websites-sources v0.0.0-20250627063252-5189fcf5174c/go.mod h1:RvGhXV0uQC6Ocs+n84QyL97kows6vg6VG5ZLQMHw4Fs=
diff --git a/layouts/iac_security/list.html b/layouts/iac_security/list.html
index a43e65849f8eb..8ce31f4d7db33 100644
--- a/layouts/iac_security/list.html
+++ b/layouts/iac_security/list.html
@@ -232,21 +232,25 @@ <h1 id="pagetitle">{{ .Title }}</h1>
                             {{ $filter_info := (printf "%s,%s,%s,%s" .Params.meta.cloud_provider .Params.meta.category .Params.meta.severity .Params.meta.cloud_provider) }}
                             {{ $rule_info := (replaceRE "(`|')" "" (delimit (slice $filter_info ($rule_id|lower) ($ruleset_description|lower) $ruleset_title .Params.group_id .Title ) ";")) }}
                             <div 
-                            class="rule d-flex justify-content-between border p-1 position-relative"
+                            class="rule container justify-content-between border p-1 position-relative"
                             data-info="{{ $rule_info }}"
                             data-name="{{ .Title }}"
                             x-cloak x-show.important="shouldShowRule($el)"
                             >
-                                <div class="rule-name-container d-flex align-items-center">
-                                    {{ $int_logo := partial "integrations-logo.html" (dict "context" $dot "basename" $rule_cloud_provider "variant" "avatar") }}
-                                    {{ if $int_logo }}
-                                    <img src="{{ $int_logo }}" height="18" alt="{{$int_logo}}"/>
-                                    {{ end }}
-                                    <a href="{{.Permalink}}" class="stretched-link">{{.Title}}</a>
-                                </div>
-                                <div class="d-flex justify-content-end">
-                                    <span class="d-none d-md-block">{{ $rule_id }}</span>
-                                    <div class="ruleset-header__arrow fw-semibold ms-1">></div>
+                                <div class="row">
+                                    <div class="rule-name-container col-8 d-flex align-items-center">
+                                        {{ $int_logo := partial "integrations-logo.html" (dict "context" $dot "basename" $rule_cloud_provider "variant" "avatar") }}
+                                        {{ if $int_logo }}
+                                        <img src="{{ $int_logo }}" height="18" alt="{{$int_logo}}"/>
+                                        {{ end }}
+                                        <a href="{{.Permalink}}" class="stretched-link">{{.Params.meta.display_name}}</a>
+                                    </div>
+                                    <div class="col-4">
+                                        <a href="{{.Permalink}}" class="stretched-link d-flex justify-content-end" data-bs-toggle="tooltip" title="{{ $rule_id }}">
+                                            <span class="d-none d-md-block text-truncate">{{ $rule_id }}</span>
+                                            <div class="ruleset-header__arrow fw-semibold ms-1">></div>
+                                        </a>
+                                    </div>
                                 </div>
                             </div>
                             

From 6057c302095b24db43344191e64774162112c0c1 Mon Sep 17 00:00:00 2001
From: Benjamin Chouraqui <benjamin.chouraqui@datadoghq.com>
Date: Fri, 27 Jun 2025 14:34:21 +0200
Subject: [PATCH 6/7] refactor: changed branch to pull from to main

Refs: K9VULN-5661
---
 local/bin/py/build/configurations/pull_config.yaml         | 2 +-
 local/bin/py/build/configurations/pull_config_preview.yaml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/local/bin/py/build/configurations/pull_config.yaml b/local/bin/py/build/configurations/pull_config.yaml
index 76388f4b47ca5..581b765b850bc 100644
--- a/local/bin/py/build/configurations/pull_config.yaml
+++ b/local/bin/py/build/configurations/pull_config.yaml
@@ -624,7 +624,7 @@
       - repo_name: kics
         contents:
           - action: pull-and-push-folder
-            branch: benjamin.chouraqui/write-script-to-generate-markdown-files
+            branch: main
             globs:
             - documentation/rules/**/**/*.md
             options:
diff --git a/local/bin/py/build/configurations/pull_config_preview.yaml b/local/bin/py/build/configurations/pull_config_preview.yaml
index 20c1024a007b2..2c5d54a165141 100644
--- a/local/bin/py/build/configurations/pull_config_preview.yaml
+++ b/local/bin/py/build/configurations/pull_config_preview.yaml
@@ -624,7 +624,7 @@
       - repo_name: kics
         contents:
           - action: pull-and-push-folder
-            branch: benjamin.chouraqui/write-script-to-generate-markdown-files
+            branch: main
             globs:
             - documentation/rules/**/**/*.md
             options:

From 54326f4971b4e7264600acec7f186a338a22bd99 Mon Sep 17 00:00:00 2001
From: Benjamin Chouraqui <benjamin.chouraqui@datadoghq.com>
Date: Fri, 27 Jun 2025 14:39:40 +0200
Subject: [PATCH 7/7] resetting go files

---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 2faa10b892a3d..011f55d2102a5 100644
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.14
 
 require (
 	github.com/DataDog/websites-modules v1.4.235 // indirect
-	github.com/DataDog/websites-sources v0.0.0-20250627063252-5189fcf5174c // indirect
+	github.com/DataDog/websites-sources v0.0.0-20250606082516-6e5a26ff9d0e // indirect
 )
 
 // replace github.com/DataDog/websites-modules => /Users/lisiane.turlure/guac/websites-modules
diff --git a/go.sum b/go.sum
index 3e604bb1a9935..08bad025832ea 100644
--- a/go.sum
+++ b/go.sum
@@ -1,4 +1,4 @@
 github.com/DataDog/websites-modules v1.4.235 h1:4mHFdC2YH3w9zdxYuqShgr7Z8rgHPppxWFMKwM32GFU=
 github.com/DataDog/websites-modules v1.4.235/go.mod h1:CcQxAmCXoiFr3hNw6Q+1si65C3uOP1gB+7aX4S3h+CQ=
-github.com/DataDog/websites-sources v0.0.0-20250627063252-5189fcf5174c h1:0sl+TXCkfytaHeNgpWt46d87mMeRVC+CE3Rtfp0e2vc=
-github.com/DataDog/websites-sources v0.0.0-20250627063252-5189fcf5174c/go.mod h1:RvGhXV0uQC6Ocs+n84QyL97kows6vg6VG5ZLQMHw4Fs=
+github.com/DataDog/websites-sources v0.0.0-20250606082516-6e5a26ff9d0e h1:F4Khh33ikLmXpHrBaz4vgoBusJhjQGVn/iavRxGsXiU=
+github.com/DataDog/websites-sources v0.0.0-20250606082516-6e5a26ff9d0e/go.mod h1:RvGhXV0uQC6Ocs+n84QyL97kows6vg6VG5ZLQMHw4Fs=