Jenkins Meetup

Integrating open source static analysis into Jenkins jobs

February 18th, 2021
Share

The Jenkins Online Meetup kindly invited us to present at their event on February 10th.

In the talk we presented Semgrep, the open-source static analysis tool that support 12+ languages and simplifies writing custom rules for organization-specific code patterns. We showed how to integrate Semgrep into a Jenkins Pipeline for scanning every commit or PR.

Here’s the video of the presentation and you can also download the slides.

About

Semgrep enables teams to use industry-leading AI-assisted static application security testing (SAST), supply chain dependency scanning (SCA), and secrets detection. The Semgrep AppSec Platform is built for teams that struggle with noise by helping development teams apply secure coding practices.