Home Application Security Semgrep

Semgrep

AI-powered code security platform for SAST, SCA, and secrets detection in the developer workflow.

4.5 ★ (167 reviews) freemium Free (OSS)
Visit Website →
SASTSCADevSecOpsAI/MLOpen SourceFree Tier SOC 2ISO 27001 Technology & SaaS

About Semgrep

Semgrep is a code security platform that finds bugs, detects vulnerabilities, and enforces code standards at every stage of development. Powered by open-source Semgrep OSS and enhanced with AI, the platform delivers fast SAST, SCA, and secrets scanning that developers actually use — integrated into IDEs, CI/CD pipelines, and pull request workflows with minimal false positives.

Headquarters
San Francisco, CA
Founded
2017
Target
mid-market

Compliance & Frameworks

// Similar Tools

Chainguard
Secure container images and software supply chain security with zero-known-vulnerability base images.
4.5 ★
Snyk
Developer-first security platform for finding and fixing vulnerabilities in code, dependencies, containers, and IaC.
4.4 ★
Apiiro
Application security risk management with deep code analysis for risk-based vulnerability prioritization.
4.4 ★