45 docs tagged with "Team & Enterprise Tier"

Learn how to receive Slack or email alerts about findings and failures, how to receive merge or pull request comments in your CI/CD pipeline, or how to integrate using webhooks.

Set up Semgrep Supply Chain to correctly detect packages in Maven.

This document links to Semgrep API documentation.

Send Semgrep findings to your Asana project.

Enable PR comments in your Bitbucket repositories to display Semgrep findings to developers.

Configure Semgrep in CI by setting various environment variables. Enable diff-aware scanning, connect to Semgrep AppSec Platform, and more.

Reference for the Semgrep command-line interface including options and exit code behavior.

Reference for the Semgrep command-line interface including options and exit code behavior.

Definitions of Semgrep Code product-specific terms.

Configure how Semgrep in CI pipelines handles errors and blocks findings.

Connect a GitHub or GitLab organization to manage user authentication.

Create a Semgrep account and organization to prepare your deployment for the addition of repositories and team members.

The Dashboard is a summary view within Semgrep AppSec Platform to help security teams evaluate their organization's security posture.

Search through all your dependencies in all your onboarded repositories at any time.

Receive Semgrep findings via email.

Enable pull request (PR) comments in your GitHub repositories to display Semgrep findings to developers.

Enable merge request (MR) comments in your GitLab repositories to display Semgrep findings to developers.

Prevent unwanted noise when scanning for dependency vulnerabilities by ignoring lockfiles or code files.

Refer to this section to set up Semgrep Supply Chain for your specific tooling or pipeline.

Configure Jenkins to send the correct branch name to Semgrep AppSec Platform.

Send Semgrep findings to your Jira project.

Semgrep Supply Chain can detect and list a package's license. Prevent or exempt certain packages from being used based on their licenses.

Send Semgrep findings to your Linear project.

Learn how Semgrep leverages its engine to scan open source dependencies with high-signal rules.

Learn how to remove duplicate findings and prevent them from displayed in Semgrep AppSec Platform.

View sample configuration files to run Semgrep with various CI/CD providers such as GitHub, GitLab, Jenkins, Buildkite, CircleCI, and more.

Customize how Semgrep Supply Chain scans your codebase's open source dependencies.

Detect valid, leaked secrets in previous Git commits through a historical scan.

A guide using to Semgrep Pro Rules: supported languages, vulnerabilities covered, and using Pro rules in Semgrep scans.

The Policies page is a visual representation of the rules that Semgrep Code uses to scan code.

Receive Semgrep findings in your Slack workspaces.

SSO configuration instructions.

Definitions of Semgrep Supply Chain and software composition analysis (SCA) terms.

Semgrep supports more than two dozen languages. Learn about generally available, beta, and experimentally supported languages.

Semgrep supports more than two dozen languages. Learn about generally available, beta, and experimentally supported languages.

Guidelines on how to add or remove tags through Semgrep AppSec Platform and semgrepconfig.yml file.

Learn how about Semgrep Code's triage status for findings and how to triage and remediate findings.

Perform triage and remediation of dependency vulnerabilities through Semgrep Supply Chain.

Not seeing what you expect in Semgrep AppSec Platform? Follow these troubleshooting steps or find out how to get one-on-one help.

Get more information when Semgrep in CI hangs, crashes, times out, or runs too slow. Fix issues with GitLab SAST's Semgrep analyzer, such as jobs running slowly, not showing results, or returning errors.

Learn about usage computation and other aspects of your Semgrep licenses.

Learn about roles, user management, and how to implement role-based access control in Semgrep AppSec Platform.

The Findings page allows users to view findings identified by Semgrep Code.

Create webhooks to receive Semgrep findings in your endpoints.

Semgrep Editor is a powerful tool within Semgrep AppSec Platform to write rules and quickly apply these rules across an organization to enforce coding standards across an organization.