diff --git a/appmap-scanner.yml b/appmap-scanner.yml
new file mode 100644
index 0000000..bf603cb
--- /dev/null
+++ b/appmap-scanner.yml
@@ -0,0 +1,41 @@
+checks:
+ - rule: authz-before-authn
+ # - rule: circular-dependency
+ - rule: deprecated-crypto-algorithm
+ - rule: deserialization-of-untrusted-data
+ - rule: exec-of-untrusted-command
+ - rule: http-500
+ # - rule: illegal-package-dependency
+ # properties:
+ # callerPackages:
+ # - equal: actionpack
+ # calleePackage:
+ # equal: app/controllers
+ # - rule: incompatible-http-client-request
+ # - rule: insecure-compare
+ # - rule: job-not-cancelled
+ - rule: logout-without-session-reset
+ # - rule: missing-authentication
+ - rule: missing-content-type
+ - rule: n-plus-one-query
+ # - rule: query-from-invalid-package
+ # - rule: query-from-view
+ # - rule: rpc-without-circuit-breaker
+ # - rule: save-without-validation
+ - rule: secret-in-log
+ # - rule: slow-function-call
+ # properties:
+ # timeAllowed: 0.2
+ # functions:
+ # - match: Controller#create$
+ # - rule: slow-http-server-request
+ # properties:
+ # timeAllowed: 0.5
+ # - rule: slow-query
+ # properties:
+ # timeAllowed: 0.05
+ - rule: too-many-joins
+ - rule: too-many-updates
+ # - rule: unbatched-materialized-query
+ - rule: unauthenticated-encryption
+ - rule: update-in-get-request
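Review bot: `insecure-compare` and `missing-authentication` are commented out in the new `checks:` list with no stated reason, while the neighbouring security rules (`authz-before-authn`, `secret-in-log`, `unauthenticated-encryption`) are enabled. Judging by the rule names, that leaves comparison of secret values and unauthenticated request handling outside what this scan reports, and a later reader cannot tell a deliberate exclusion from a leftover template default. Either enable them (`- rule: insecure-compare`, `- rule: missing-authentication`) or put the reason above each disabled entry, for example `# disabled: <reason>; re-enable when <condition>`.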