DevSecOps: Static Application Security Testing (SAST) using Snyk in Jenkins

DevSecOps using Snyk and Jenkins

Method 1 (Simplest): Configure the webapp in the Snyk dashboard

Connectors — Select where the source code is located
Github Repositories selection
Repositories from Github
Snyk dashboard shows the vulnerabilities

Method 2: Use the Snyk plugin in the Jenkins CI/CD pipeline

  • A working Jenkins setup on your machine
Maven Config in Global Tool Configuration
Snyk Config in Global Tool Configuration
Personal Snyk Token in Credentials
Jenkins build console output
SAST Report

Engineer and Water Color Artist @toashishagarwal

Ashish Agarwal
