Semgrep (Preview)

Overview

Heeler uses Semgrep to support its static analysis security testing (SAST) capabilities. Information harvested from Semgrep is contextualized and surfaced when examining a service's Security analysis under SAST Findings. For example, after selecting the service data-warehouse, you can see its SAST Findings under Security.

Requirements

  • Permission to view Semgrep Settings

  • Permission to generate Semgrep API token

Semgrep Integration Information

  1. Navigate to Settings

  2. Navigate to Tokens and select API Tokens

  3. Select Create new token

  1. Add meaningful Secrets name, e.g., Heeler Integration Token, (or leave default)

  2. Copy Secrets value

  3. Update Token scopes

    1. Agent (CI) —

    2. Web API —

  4. Save

Heeler Integration Setup

  1. Select the icon from the top navigation

  2. Navigate to the Integrations tab

  3. Click Add Integration and select Semgrep

  1. Enter the requested information into the modal

  • Name - Add meaningful name, e.g., Company Semgrep Integration. It does not have to match the name used in Semgrep settings

  • API Key - Value from step above

  1. Confirm successful connection

PreviousShortcutNextUser Management

Last updated

Was this helpful?