Scanning
Start generating fixes for your repository
Scanning your repository
To upload vulnerability data and code to Corgea using the Corgea CLI, you first need to generate a report from your existing Static Application Security Testing (SAST) scanner, such as Snyk or Semgrep. Once you have the report, you can use the corgea upload command followed by the path to the report file. The CLI will then upload the vulnerability data and the affected code snippets to Corgea for analysis and fixing. Here’s a brief example:
Prerequisite: You have registered with Corgea.
SAST Scanner: You have a SAST scanner such as Snyk or Semgrep.
Go to repository
Go to the repository you want to scan:
Run the scan
See Results
Once a scan is completed, a scan report is generated in the repository folder and a copy is sent to Corgea for processing.
Issue Fixes
Depending on the size of the scan results, it may take some time for fixes to show up. For a couple of hundred findings, it should take 10 minutes.
Go to fixes to learn more.
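
Because the upload sends the affected code snippets along with the findings, it can be worth reviewing which files a report references before running corgea upload. The following is an added example, not Corgea's own code: it assumes a Semgrep JSON report (results[].path, results[].extra.severity), and the sample report, the marker list and the function names are constructed for illustration.

```python
import json
import subprocess
from collections import Counter

# Constructed sample in the shape of Semgrep's --json output (assumed fields:
# results[].check_id, results[].path, results[].extra.severity).
SAMPLE_REPORT = json.dumps({"results": [
    {"check_id": "example.sql-injection", "path": "app/db.py",
     "extra": {"severity": "ERROR"}},
    {"check_id": "example.eval-use", "path": "app/views.py",
     "extra": {"severity": "WARNING"}},
    {"check_id": "example.hardcoded-key", "path": "config/secrets.yml",
     "extra": {"severity": "ERROR"}},
], "errors": []})

# Hypothetical markers for paths you may not want snippets uploaded from.
SENSITIVE_MARKERS = (".env", "secrets", "id_rsa")


def summarize_report(report_text):
    """Return (findings per severity, sorted list of files the findings reference)."""
    results = json.loads(report_text).get("results")
    if not isinstance(results, list):
        raise ValueError("not a Semgrep JSON report: no 'results' list")
    severities = Counter(r.get("extra", {}).get("severity", "UNKNOWN") for r in results)
    return dict(severities), sorted({r["path"] for r in results if "path" in r})


def sensitive_paths(files):
    """Files whose path contains one of the markers above."""
    return [f for f in files if any(m in f.lower() for m in SENSITIVE_MARKERS)]


def upload_command(report_path):
    """The upload invocation in the form the page gives: corgea upload <report>."""
    return ["corgea", "upload", report_path]


def review_and_upload(report_path, dry_run=True):
    """Print what the report covers; upload only if nothing is flagged and not a dry run."""
    with open(report_path, encoding="utf-8") as fh:
        severities, files = summarize_report(fh.read())
    flagged = sensitive_paths(files)
    print(f"{sum(severities.values())} findings {severities} in {len(files)} files")
    print("flagged for review:", flagged or "none")
    if dry_run or flagged:
        return False
    subprocess.run(upload_command(report_path), check=True)
    return True
```

Call review_and_upload("report.json") for a dry run, then pass dry_run=False once the file list looks right.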