Skip to main content

59 docs tagged with "Semgrep AppSec Platform"

View all tags

Add Semgrep to CI/CD

Set up your CI pipeline with Semgrep AppSec Platform for centralized rule and findings management.

Alerts and notifications

Learn how to receive Slack or email alerts about findings and failures and how to integrate using webhooks.

API

This document links to Semgrep API documentation.

Azure PR comments

Enable PR comments in your Azure DevOps repositories to display Semgrep findings to developers.

Bitbucket Cloud

Enable PR comments in your Bitbucket Cloud repositories to display Semgrep findings to developers.

Bitbucket Data Center

Enable PR comments in your Bitbucket Data Center repositories to display Semgrep findings to developers.

Core deployment

Learn how to set up a comprehensive Semgrep deployment for yourself or your organization.

Create an account

Create a Semgrep account and organization to prepare your deployment for the addition of repositories and team members.

Dashboard

Use the Semgrep dashboard to gain an overview of your organization's security posture, including the deployment of guardrails.

Dashboard

The Dashboard is a summary view within Semgrep AppSec Platform to help security teams evaluate their organization's security posture.

Email

Receive Semgrep findings via email.

Findings in CI

Learn how Semgrep Pro tracks findings and triage states in CI pipelines.

GitHub

Learn how to add a GitHub repository to Semgrep Managed Scans.

GitHub PR comments

Enable pull request (PR) comments in your GitHub repositories to display Semgrep findings to developers.

GitLab

Learn how to add a GitLab repository to Semgrep Managed Scans.

GitLab MR comments

Enable merge request (MR) comments in your GitLab repositories to display Semgrep findings to developers.

Jira

Send Semgrep findings to your Jira project.

License compliance

Semgrep Supply Chain can detect and list a package's license. Prevent or exempt certain packages from being used based on their licenses.

Manage rules

The Policies page is a visual representation of the rules that Semgrep Secrets uses to scan code.

Managed Scans (beta)

Semgrep Managed Scans provides an alternative to CI-based workflows. It enables you to add repositories to your Semgrep org in bulk without changing your CI workflows.

Perform cross-file analysis

This article introduces cross-file (interfile) analysis, guides you through installation, and provides some additional information.

Remove duplicate findings

Learn how to remove duplicate findings and prevent them from being displayed in Semgrep AppSec Platform.

SBOM

Generate a CycloneDX JSON or XML SBOM to view all repository dependencies.

Slack

Receive Semgrep findings in your Slack workspaces.

Tag projects

Guidelines on how to add or remove tags through Semgrep AppSec Platform and semgrepconfig.yml file.

Triage and remediation

Learn how about Semgrep Code's triage status for findings and how to triage and remediate findings.

Troubleshooting CI

Not seeing what you expect in Semgrep AppSec Platform? Follow these troubleshooting steps or find out how to get one-on-one help.

Usage and billing

Learn about usage computation and other aspects of your Semgrep licenses.

View findings

The Code page allows users to view findings identified by Semgrep Code.

Webhooks

Create webhooks to receive Semgrep findings in your endpoints.

Write custom rules

Semgrep Editor is a powerful tool within Semgrep AppSec Platform to write rules and quickly apply these rules across an organization to enforce coding standards across an organization.