Niyo InfoSec Review

Go Live - Evidences

SAST

Configuration of Semgrep
We have enabled all rules in Semgrep. A violation of any rule blocks the pipeline, as you can see from the configuration.
all_rule_sast_evidence.png
kotlin_evidence.png
The CI/CD configuration below likewise shows that the pipeline is blocked if Semgrep finds any issues.
sast_action_code.png
This pipeline runs for every change. You can see the status here.
The pipeline blocks when there are any SAST rule violations.
Screenshot 2024-03-26 at 3.37.48 PM.png
Screenshot 2024-03-26 at 3.38.06 PM.png
Screenshot 2024-03-26 at 3.56.20 PM.png
CI/CD - task logs
When there are no Semgrep issues
Screenshot 2024-03-26 at 3.42.09 PM.png
When there are Semgrep issues
Screenshot 2024-03-26 at 3.43.24 PM.png

DAST

We run this automatically every day at midnight. In some cases, we also trigger it manually.
Screenshot 2024-03-26 at 6.09.25 PM.png
Reports of
Feb 1
Screenshot 2024-03-26 at 4.02.30 PM.png
Mar 1
Screenshot 2024-03-26 at 4.01.52 PM.png
Mar 26
Screenshot 2024-03-26 at 3.48.57 PM.png
