From 990002803f3c2507385a5385e34e9df2fd55398d Mon Sep 17 00:00:00 2001 From: Viktor Fornstad <89360115+Flopalot@users.noreply.github.com> Date: Sun, 29 Sep 2024 11:39:47 +0200 Subject: [PATCH] Week 6: Demo Proposal (#2551) --- .../demo/week6/vikfor-ghenn/README.md | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 contributions/demo/week6/vikfor-ghenn/README.md diff --git a/contributions/demo/week6/vikfor-ghenn/README.md b/contributions/demo/week6/vikfor-ghenn/README.md new file mode 100644 index 0000000000..3a66e3457e --- /dev/null +++ b/contributions/demo/week6/vikfor-ghenn/README.md @@ -0,0 +1,31 @@ +# Assignment Proposal + +## Title + +Using Semgrep to find vulnerabilities + +## Names and KTH ID + + - Viktor Fornstad (vikfor@kth.se) + - Gustav Henningsson (ghenn@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +We want to demo the static analysis tool called Semgrep. In the demo we will: +- Connect Semgrep to a Github repo +- Run Semgrep, with the basic rule-set, on the repo +- Show and explain the information given by Semgrep +- Create a custom rule that can be used with Semgrep +We will also explain why it is important to use static analysis tools for DevSecOps. + +**Relevance** + +There are hundreds of different vulnerabilities that exist and it's therefor difficult for your average developer to know of and remember all of them. To know why and how to use static analysis tools to identify vulnerabilities is important to combat this problem.
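Review bot: in the Description section, the line "We will also explain why it is important to use static analysis tools for DevSecOps." directly follows the bullet list with no blank line, so Markdown will render it as a continuation of the last bullet ("Create a custom rule that can be used with Semgrep"); insert a blank line after that bullet so the sentence becomes its own paragraph. Smaller points in the same file: "therefor" in the Relevance paragraph should be "therefore", "Github" is spelled "GitHub", and the "Names and KTH ID" bullets are indented by two spaces while every other list in the file starts at column one, so the lists should be aligned. The plan also refers to "the basic rule-set" without naming which Semgrep ruleset will be used or which language the target repo is written in; stating both would make the proposal easier to evaluate, since Semgrep rules are written per language and that choice determines what the custom rule in the fourth bullet can look like.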