diff --git a/Jenkinsfile b/Jenkinsfile
index 8b1a93a..4636e72 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -23,6 +23,10 @@ pipeline {
     REGISTRY_CREDS = "registry-creds"
 
     IMAGE = "${REGISTRY}/${IMAGE_NAME}"
+
+    DD_URL = "https://DD.brammie15.dev"
+    DD_API_KEY = credentials('dd-api-key')
+    NVD_API_KEY = credentials("nvd-api-key")
   }
 
   stages {
@@ -32,6 +36,16 @@ pipeline {
       }
     }
 
+    stage('SAST - Semgrep') {
+      steps {
+        sh """
+          docker run --rm -v "\$(pwd):/src" \
+            returntocorp/semgrep \
+            semgrep scan --config=auto /src
+        """
+      }
+    }
+
     stage('Build image') {
       steps {
         script {