SARIF Parser

What is SARIF?

The Static Analysis Results Interchange Format (SARIF) is an industry standard format for the output of static analysis tools that can be consumed by a wide range of development and security tools.

Sandbox SARIF Parser

SecDim offers a SARIF Parser that augments SARIF output with contextual secure coding training. The parser takes a SARIF file, searches the SecDim Catalogue for the relevant challenges, augments each finding with a link to the sandbox challenge(s), and outputs a new SARIF file.
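The take, search, augment, output flow described above can be sketched as follows. This is an added example, not SecDim's parser: the CATALOGUE mapping, the training.example URLs, the trainingLinks property name and the sample log are all constructed assumptions, and the real catalogue search is not shown on this page.

```python
import copy
from urllib.parse import urlparse

# Constructed stand-in for the catalogue search: rule id -> challenge URLs.
CATALOGUE = {
    "python.lang.security.audit.eval-detected": [
        "https://training.example/challenges/eval-injection"],
    "unused.rule": ["https://training.example/challenges/unused"],
}

# Constructed minimal SARIF 2.1.0 log: two findings, one rule described.
SAMPLE_SARIF = {
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "semgrep", "rules": [{
            "id": "python.lang.security.audit.eval-detected",
            "help": {"text": "Avoid eval() on untrusted input."}}]}},
        "results": [
            {"ruleId": "python.lang.security.audit.eval-detected",
             "message": {"text": "eval() call"}},
            {"ruleId": "custom.no-training-match",
             "message": {"text": "other finding"}},
        ],
    }],
}

def augment(sarif, catalogue):
    """Return a copy of the log with training links added to matched rules."""
    out = copy.deepcopy(sarif)
    for run in out.get("runs", []):
        driver = run.setdefault("tool", {}).setdefault("driver", {})
        rules = driver.setdefault("rules", [])
        by_id = {r["id"]: r for r in rules}
        hit = {res.get("ruleId") for res in run.get("results", [])}
        for rule_id in sorted(hit.intersection(catalogue)):
            # Only https links go into text that a viewer may render.
            links = [u for u in catalogue[rule_id]
                     if urlparse(u).scheme == "https"]
            if not links:
                continue
            rule = by_id.get(rule_id)
            if rule is None:  # a result may reference an undescribed rule
                rule = {"id": rule_id}
                rules.append(rule)
            help_ = rule.setdefault("help", {})
            text = help_.get("text", "")
            md = "\n".join(f"- [Sandbox challenge]({u})" for u in links)
            help_["text"] = f"{text}\n\nTraining: {' '.join(links)}".strip()
            help_["markdown"] = f"{help_.get('markdown', text)}\n\n{md}".strip()
            rule.setdefault("properties", {})["trainingLinks"] = links
    return out
```

Serialising the returned dictionary with json.dump produces the new SARIF file; the input log is left unmodified.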

Semgrep examples

An example of how to integrate Semgrep with SecDim can be found here

[Screenshot: code scanning alert]