DerScanner Integration via Plugin

Instructions:

1. Install the plugin: Administration > Plugins List > Upload plugin zip.

In some cases, it may be necessary to remove the previous versions for the plugin to work correctly.

2. Set up connection:

   1. Go to Administration > Integrations > DerScanner.
   2. Enter the API address and a token, which you can obtain from your DerScanner account.
   3. Click Test Connection (if connection is successful, "Successful" message appears).
   4. Click Save.

3. In build settings, add DerScanner SAST Build Step and specify the necessary settings.

4. Add Build Features (only available if there is DerScanner SAST Build Step):

   • DerScanner PDF report — configure export of the scan results in PDF format (see Export Report);
   • DerScanner statistics — includes security score, the number of vulnerabilities of each severity level, scan duration and LoC (see statistics in Build->Parameters->Reported statistic values).

5. Configure Failure Conditions:

   1. In build settings, click Failure Conditions.
   2. Click Add failure condition and select Fail build on metric change.
   3. Set Failure Conditions based on DerScanner statistics (DerScanner LoC, DerScanner info level vulnerabilities, DerScanner low level vulnerabilities, DerScanner medium level vulnerabilities, DerScanner critical vulnerabilities, DerScanner scan duration, DerScanner score).