DerScanner Integration via Plugin
Instructions:
- Install the plugin: Administration > Plugins List > Upload plugin zip.
  In some cases, it may be necessary to remove previous versions of the plugin for it to work correctly.
- Set up connection:
  - Go to Administration > Integrations > DerScanner.
  - Enter the API address and a token, which you can obtain from your DerScanner account.
  - Click Test Connection (if the connection is successful, a "Successful" message appears).
  - Click Save.
- In build settings, add DerScanner SAST Build Step and specify the necessary settings.
- Add Build Features (only available if there is a DerScanner SAST Build Step):
  - DerScanner PDF report — configure export of the scan results in PDF format (see Export Report);
  - DerScanner statistics — includes security score, the number of vulnerabilities of each severity level, scan duration and LoC (see statistics in Build > Parameters > Reported statistic values).
- Configure Failure Conditions:
  - In build settings, click Failure Conditions.
  - Click Add failure condition and select Fail build on metric change.
  - Set Failure Conditions based on DerScanner statistics (DerScanner LoC, DerScanner info level vulnerabilities, DerScanner low level vulnerabilities, DerScanner medium level vulnerabilities, DerScanner critical vulnerabilities, DerScanner scan duration, DerScanner score).
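
To reason about thresholds before entering them as failure conditions, the sketch below evaluates a gate policy over DerScanner statistics. It is an added example, not code from the plugin or from DerScanner. The statistic keys, the rule set and the sample values are constructed (the page gives the metrics by display name only), and treating an unreported statistic as a failure is a design choice of this example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    metric: str                # hypothetical statistic key (the page gives display names only)
    op: str                    # "more" or "less"
    limit: float               # constant threshold, or allowed change when vs_baseline is set
    vs_baseline: bool = False  # compare with a reference build instead of a constant

def evaluate(rules, current, baseline=None):
    """Return the violated rules as messages; an empty list means the gate passes."""
    failures = []
    for r in rules:
        value = current.get(r.metric)
        if value is None:
            # Fail closed: no statistic usually means the scan step did not report.
            failures.append(f"{r.metric}: not reported")
            continue
        if r.vs_baseline:
            ref = (baseline or {}).get(r.metric)
            if ref is None:
                continue  # first build: nothing to compare against
            change = value - ref if r.op == "more" else ref - value
            if change > r.limit:
                failures.append(f"{r.metric}: {ref} -> {value} ({r.op} by > {r.limit})")
        elif (value > r.limit) if r.op == "more" else (value < r.limit):
            failures.append(f"{r.metric}: {value} is {r.op} than {r.limit}")
    return failures

# Constructed policy and sample values, not DerScanner output.
RULES = [
    Rule("critical_vulnerabilities", "more", 0),                  # any critical finding fails
    Rule("medium_vulnerabilities", "more", 5, vs_baseline=True),  # growth by more than 5 fails
    Rule("score", "less", 0.3, vs_baseline=True),                 # score drop of more than 0.3 fails
]
BASELINE = {"critical_vulnerabilities": 0, "medium_vulnerabilities": 12, "score": 4.1}
CURRENT = {"critical_vulnerabilities": 0, "medium_vulnerabilities": 19, "score": 4.0}

if __name__ == "__main__":
    for line in evaluate(RULES, CURRENT, BASELINE) or ["gate passed"]:
        print(line)
```

With the sample values, only the medium-severity rule trips: the count grew by 7 against an allowed change of 5, while the score moved by 0.1.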