Found 22 repositories (showing 22)
MetaMask
GitHub Action to run Semgrep with custom rules. Results are uploaded to GitHub's Code Scanning API
navhits
This repository holds a sample Flask API that is deployable to Deta.sh and is configured for Semgrep scans with Github Actions
advaitsangle
Python project showcasing a DevSecOps pipeline with GitHub Actions. Integrates Semgrep, Gitleaks, and pip-audit to scan commits for insecure code, secrets, and vulnerable dependencies, with branch protection to block merges on high-severity findings.
Secure CI/CD pipeline implementing DevSecOps practices using GitHub Actions. Includes SAST with Semgrep, DAST with OWASP ZAP, and secret scanning via GitLeaks. Uses Docker, Kubernetes, ArgoCD, and Sealed Secrets for secure, GitOps-based deployment across staging and production environments.
devops-looplava
No description available
alexchilton
Demo: Semgrep SAST + FOSSA licence scanning with GitHub Actions CI/CD integration
lati-dot
name: Security Scan on: [push] jobs: scan: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Run Semgrep run: pip install semgrep && semgrep --config=p/owasp-top-ten .
OilSeller2001
A simple DevSecOps project that uses GitHub Actions and Semgrep for SAST scanning.
D-Stap
CI/CD pipeline scanning Terraform, K8s, and Python using Checkov, tfsec, and Semgrep. Built with GitHub Actions.
muschempax
Test GitHub Action for Semgrep Supply Chain scans where no lockfiles exist in SCM
mark-chris
GitHub Actions workflow for automated Semgrep scanning with Linear issue creation. Includes enterprise-grade security features and comprehensive test suite.
Amitabh-DevOps
CI/CD pipeline with security scanning for Node.js application. GitHub Actions workflow runs Semgrep, npm audit, and Gitleaks on every push.
InkByteStudio
GitHub Actions pipeline that detects, gates, and audits AI-generated code — policy checks, security scans (Gitleaks + Semgrep), sandboxed tests, and risk-scored reviews
bkrishnaprabu
A complete GitHub Actions DevSecOps pipeline — secret detection (Gitleaks), SAST (Semgrep + CodeQL), dependency scanning (Trivy + OWASP), IaC scanning (Checkov), container scanning, DAST (OWASP ZAP), and an automated security gate that blocks merges on critical findings
ashhadali10
Enterprise-grade DevSecOps pipeline implementing Shift-Left Security. Automated SAST, SCA, and Container Scanning using GitHub Actions, Semgrep, Trivy, and pip-audit. Built for secure SDLC
umairedu
A complete DevSecOps CI/CD pipeline demonstration using GitHub Actions with automated testing, security scanning (Semgrep & Trivy), code quality checks, and Docker image build/push to Docker Hub.
singhxabhijeet
A comprehensive DevSecOps pipeline built with GitHub Actions to secure a Go application. Implements multiple security gates including SAST (Semgrep), secret scanning (Gitleaks), dependency scanning, and container image scanning (Trivy). The pipeline also generates and processes compliance artifacts like SARIF and SBOMs.
Maikelz-haks
SAST implementation using Semgrep integrated with GitHub Actions, generating SARIF reports and publishing security findings to GitHub Code Scanning dashboard. Includes secure CI/CD pipeline configuration and best practices for React/Node.js applications.
wai-htet
"This is a simulated DevSecOps pipeline demo using a vulnerable Flask app, integrated with GitHub Actions CI and security tools like Bandit and Semgrep. It simulates how real companies automate vulnerability scanning in CI/CD."
LeanneJamesLlena
GitHub Actions CI pipeline that runs Semgrep security scans on pull requests and uses an LLM to help developers understand and fix findings. Built for my bachelor’s thesis on improving developer security workflows. (In progress)
Karimarouchi
Fully automated DevSecOps pipeline using GitHub Actions. Includes SAST (Semgrep), SCA (Dependency-Check), secrets detection (Gitleaks), Docker image scanning (Trivy), DAST (Nikto), and Qodana code quality analysis. A simple Java project is used as the application target.
Ayoub-glitsh
devsecops-react-project is a secure web application built with React and TypeScript, implementing a DevSecOps CI/CD pipeline using GitHub Actions, Docker, Semgrep, and Trivy. It demonstrates automated security testing, container scanning, and security gates integrated into the development lifecycle.