Scanners Rule Configuration

Security Tools Configuration

Jit now provides a feature that allows clients to configure supported security tools. Currently, this feature is available for Semgrep.

Overview

By default, Jit provides a baseline configuration for security tools. However, clients can now customize this by providing their own configuration file. This customization allows organizations to tailor security scans to their specific needs.

Configuration Methods

Clients can provide their own configuration file for Semgrep through one of the following methods:

  • As Code in the Centralized Repository
    Add your configuration file within your repository at:
    /.jit/semgrep-config.yml

  • Using the UI File Editor
    Edit and manage your configuration file directly within the Jit UI (Settings -> Security Tools).

  • Uploading a Configuration File
    Upload a pre-configured file within the Jit UI.
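
A sample /.jit/semgrep-config.yml, added here as an illustration and not taken from Jit's own documentation. It assumes the file uses Semgrep's standard rule syntax (a top-level `rules:` list); the rule ids, messages and path exclusion are constructed for the example.

```yaml
# Constructed example. Assumption: Jit reads this file as a standard
# Semgrep rules file. Rule ids below are hypothetical.
rules:
  # Flags subprocess calls that hand the command line to a shell.
  - id: example-python-subprocess-shell-true
    languages: [python]
    severity: ERROR
    message: >-
      subprocess call with shell=True. Pass the command as an argument
      list and drop shell=True so input is never interpreted by a shell.
    patterns:
      - pattern: subprocess.$FUNC(..., shell=True, ...)
      # Limit the match to the process-spawning helpers.
      - metavariable-regex:
          metavariable: $FUNC
          regex: ^(run|call|Popen|check_call|check_output)$
    metadata:
      category: security
      cwe: "CWE-78: OS Command Injection"

  # Flags HTTP requests that switch off TLS certificate verification.
  - id: example-python-requests-verify-false
    languages: [python]
    severity: WARNING
    message: >-
      TLS certificate verification is disabled. Remove verify=False or
      point verify at the CA bundle the service should be checked against.
    pattern: requests.$METHOD(..., verify=False, ...)
    metadata:
      category: security
      cwe: "CWE-295: Improper Certificate Validation"
    # Organization-specific tuning: skip unit-test files for this rule.
    paths:
      exclude:
        - "*_test.py"
```

Running `semgrep --validate --config .jit/semgrep-config.yml` locally checks the file's syntax before it is committed or uploaded.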

Execution Behavior

Once a client-provided configuration file is in place, any subsequent execution of Semgrep within Jit will use this file in addition to the default Jit baseline configuration.

Benefits

  • Greater flexibility in defining security policies
  • Ability to fine-tune security scans based on organizational needs
  • Seamless integration with existing repositories and UI-based management

Notes

  • This feature is currently only available for Semgrep.
  • Ensure that the provided configuration file is correctly formatted to avoid execution errors.
  • For further assistance, refer to the Jit documentation or contact support.