diff --git a/Release-Latest.gitlab-ci.yml b/Release-Latest.gitlab-ci.yml
index 9d1e3de7e80a5bb9f15a970f24430fdb578bfdef..76b0e045204cd676c1b6f4830870fc3371d8f4da 100644
--- a/Release-Latest.gitlab-ci.yml
+++ b/Release-Latest.gitlab-ci.yml
@@ -30,3 +30,24 @@ secret_detection:
     - if: '$SECRET_DETECTION_DISABLED'
       when: never
     - if: '$CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH'
+
+semgrep-sast:
+  rules:
+    - if: $SAST_DISABLED == 'true' || $SAST_DISABLED == '1'
+      when: never
+    - if: $SAST_EXCLUDED_ANALYZERS =~ /semgrep/
+      when: never
+    - if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
+      exists:
+        - '**/*.py'
+        - '**/*.js'
+        - '**/*.jsx'
+        - '**/*.ts'
+        - '**/*.tsx'
+        - '**/*.c'
+        - '**/*.go'
+        - '**/*.java'
+        - '**/*.cs'
+        - '**/*.html'
+        - '**/*.scala'
+        - '**/*.sc'