Skip to main content

16 docs tagged with "Community Tier"

View All Tags

CI configuration reference

Reference for running Semgrep CI in your CI job or on the command line. Learn how to select rules to scan with, enable diff-aware scanning, connect to Semgrep App, and more.


The Dashboard is a summary view within Semgrep App to help security teams evaluate their organization's security posture.


Semgrep Editor is a powerful tool within Semgrep App to author rules and quickly apply these rules across an organization to enforce coding standards across an organization.


The Findings page allows users to view, manage, and triage Findings.

Getting started with Semgrep App

Get started with Semgrep App to scan for security vulnerabilities on both local and remote repositories hosted on GitHub and GitLab.

Getting started with Semgrep in CI

Semgrep can run CI environments. It can either be used stand-alone or connected with Semgrep App for centralized rule and findings management.


Semgrep App contains 3rd party integrations to allow users to add data from Semgrep to other tools that are part of their workflows.

Managing users and roles

Learn about roles, user management, and how to implement role-based access control in Semgrep App.


Semgrep CI integrates with 3rd party services when connected to Semgrep App. Learn how to get Slack or email alerts about findings and failures, how to get merge or pull request comments in your CI/CD pipeline, or how to integrate using webhooks.

Pricing and billing

Semgrep CLI and CI are free to use. Semgrep App has both free and paid tiers, each with their own features and levels of support.

Rule board

The Rule Board is a visual representation of the rules that Semgrep App uses to scan code. Rules are cards, and are grouped into columns representing the actions undertaken (whether to block, comment, or silently monitor) when a finding surfaces.

Sample CI configurations

The sample configuration files below run Semgrep CI on continuous integration platforms such as GitHub, GitLab, Jenkins, Buildkite, CircleCI, and other providers.

Troubleshooting GitLab SAST

GitLab SAST includes an analyzer that runs Semgrep. Fix issues with semgrep-sast jobs running slowly, not showing results, or erroring.

Troubleshooting Semgrep App

Not seeing what you expect in Semgrep App? Follow these troubleshooting steps or find out how to get one-on-one help.