Original Post: Semgrep App's Fall 2021 updates
Semgrep App has undergone a major redesign, introducing a drag-and-drop UI for easier configuration of rules and notifications. Useful new features include a finding triage flow and Jira integration to support security teams with remediation efforts.
Initially, Semgrep App had basic sample scanning rules without the need to download the tool. Over 18 months, it has evolved significantly, becoming integral to the workflows of many high-performing security teams. A major enhancement is the Rule Board that simplifies the configuration process by consolidating all settings into one screen, allowing users to easily manage rulesets and notifications. This is especially beneficial for smaller teams, eliminating the complexity of previous “policies” configurations.
Additionally, the app now tracks the status of findings to help with remediation, dismissing false positives and creating Jira tickets directly from findings. Various other improvements include a redesigned dashboard, support for forked GitHub repositories, and filtering of findings by rule severity.
For users who also run Semgrep on the command-line, new updates include a taint mode, Terraform scanning, and substantial performance improvements.
Go here to read the Original Post