Note: integration with Jenkins is orthogonal to running specific scanners.
How to integrate sken.ai with Jenkins
This is already answered here as part of Step 3, in Quickly get started with Sken: Setup Sken in your CI/CD
How to run find-sec-bugs
Note: Find-sec-bugs is a scanner for Java code https://find-sec-bugs.github.io/.
In Sken, you don’t specify the scanner that you want. Instead, you specify the source code language that you want to be scanned and Sken automatically selects a scanner for you. So if you want to run find-sec-bugs, you simply specify java as the language in sken.yaml.
For example, using the Sample .yaml File found here in Advanced Settings: Set up Sken CLI and Sken.yaml
With this sken.yaml file, Sken automatically runs find-sec-bugs for you.
Note: Sken will also run OWASP Dependency Check (this is a SCA -- Software Composition Analysis -- scanner) and Gitleaks (a secrets scanner). SCA and Secrets scanner are language-neutral scanners.
How to ONLY run find-sec-bugs
Modify sken.yaml as such:
With this sken.yaml file, Sken will only run find-sec-bugs.