???? Happy Thanksgiving, everyone! ???? This year, we’re thankful for our incredible team, amazing customers, loyal partners, and all of you who’ve supported our journey.?We wouldn’t be here without your support! Quick question: What are you thankful for this year? Drop your answers in the comments below! ????
Semgrep
软件开发
San Francisco,California 9,999 位关注者
Semgrep is a code scanning platform for finding first and third-party security vulnerabilities in your code base.
关于我们
We’re Semgrep, a software security company. Our mission is to profoundly improve software security and reliability to safeguard human progress. We maintain Semgrep, a tool to find bugs and reachable dependency vulnerabilities in code. Semgrep lets you enforce your code standards on every commit. With 2,000+ existing rules and simple-to-create custom ones, it finds the bugs that matter. Semgrep can run anywhere: in CI, your editor, or the command-line. Plus, with dedicated infrastructure from Semgrep, Inc., it’s easy to deploy, manage, and monitor Semgrep at scale. Semgrep is made with ? by Semgrep, Inc. We’re hiring: https://go.semgrep.dev/careers
- 网站
-
https://semgrep.dev
Semgrep的外部链接
- 所属行业
- 软件开发
- 规模
- 51-200 人
- 总部
- San Francisco,California
- 类型
- 私人持股
- 创立
- 2017
地点
-
主要
88 Kearny St
15F
US,California,San Francisco,94104
Semgrep员工
动态
-
After working with over 300 companies on their AppSec programs, Tanya Janca has seen it all—challenges, struggles, and growth. And the question she hears most often: “What’s next?” ?? Many teams feel stuck when trying to mature their security programs. The typical maturity models can feel overwhelming, leaving them unsure of where to start. But here’s the good news: Maturing your AppSec program doesn’t have to be daunting! ?? In Tanya's keynote from BSidesOttawa, she breaks down 3 common maturity levels and shares practical, actionable steps to improve your security posture—no matter where you are. Whether you’re just starting or aiming for the next level, this talk offers insights you can apply right away. ?? Watch the recording ?? https://lnkd.in/gd-dB9dU #AppSec #CyberSecurity #DevSecOps #BSidesOttawa #AppSecMaturity #SecureCoding?
BSides Ottawa 2024 - Day 2 Keynote and Speakers
https://www.youtube.com/
-
Semgrep转发了
Bad marketing has ruined shift left ?? In her talk at The Elephant in AppSec Conference, Tanya Janca dives into why the concept of shift left seems to have lost all meaning. Shift left is not: ?? Buy this product ?? Devs will do everything ?? You only need security in the pipeline So how do you actually effectively shift security left? How do you implement security throughout your SDLC? And how can you work with developers to create a security culture? This is exactly what Tanya explored, and you can find the key highlights of her talk in our latest blog post! Strong opinions are of course encouraged so let us know what you think too; has shift left lost its meaning recently? Read now ?? https://lnkd.in/gxanPjFE ?? If you want to watch her full talk, or any of the others, you can also watch the recording of the conference now ?? https://lnkd.in/efGkdHwE Also watch out for all of the conference videos coming to The Elephant in AppSec YouTube very soon... ??
-
We're excited to be a gold sponsor of OWASP Benelux this year and can't wait to connect with the incredible AppSec community in The Netherlands! Stop by our booth on November 28th for: ?? Live Demos: See firsthand how Semgrep empowers developers to find and fix vulnerabilities in real-time. Our platform makes it faster and easier than ever to deliver secure code, with tools that work across SAST, SCA, and Secrets Management. ?? Meet the Team: Whether you're new to Semgrep or a seasoned user, we’d love to chat with you about how we can help level up your AppSec game. Our team will be on hand to answer questions, discuss use cases, and share best practices. ?? Exclusive Swag: Who doesn’t love some cool swag? Stop by and grab some Semgrep goodies to take home with you! But that’s not all... ?? We’re also hosting the official Social Event at 18:00 CET! Join us for a relaxed evening of networking, fun, and food! It’s the perfect chance to unwind, meet fellow AppSec pros, and talk shop (or just chat about the latest in tech). Don’t miss out on this amazing opportunity to learn, network, and have some fun: https://lnkd.in/gqr4KcUZ #appsec #cybersecurity #events #sast #sca #secretmanagement CC: OWASP? Foundation
-
Semgrep转发了
My favorite part of being a Segment alum is seeing the great work that former colleagues go on to do. #segmentmafia One such alum: Jason Klumpp ??Rewind back to our time at Segment. Jason led the inbound SDR team. PLG was nascent with no proven playbooks to follow so we had to chart our own course. Jason and team established what we coined “Seal Team Six.” That team was a small taskforce (6 SDRs) with a mission to: - Run experimental plays using product & web signals. - Gather fast feedback and iterate quickly to identify winning plays. - Package winning plays for the wider team to replicate. - Repeat. Essentially the scientific method applied to SDR plays. --- ??Fast-forward to today and Jason and his team at Semgrep are taking that method to the next-level. And they’re seeing results to the tune of 73% PIPE GROWTH IN A QUARTER. Jasons team is running 16 (that’s right 16!) pipeline plays built around: - High-fit prospects using free accounts - High-fit accounts visiting high-intent pages - GitHub users active in Semgrep’s repository - People engaging on social who fit the ICP - Former product users who switched jobs - Companies with open job listings that mention the competition It’s truly an exhibition of pipeline generation done how it should be. Seriously every commercial open source team should be operating this way. Bravo Jason (and your lovely team) ?? === Get the full playbook here: https://lnkd.in/g42gTh-G
-
Semgrep转发了
The biggest shoutout to Semgrep and Randall Westbrook for my new #hotSAST sauces! Semgrep now not only saves you from vulnerabilities in your code but bland food as well! So excited to be passing on our hot sauce genes to the world! #hotsauce #severity #highseverity
-
How Thinkific Boosted Security and Development Speed with Semgrep ?? Thinkific’s security team faced slow scans, noisy results, and complex configuration issues from their previous security tools—slowing development and frustrating engineers. They needed a solution that would give developers clear, actionable security feedback without blocking pull requests or causing delays. Enter Semgrep! Key Benefits Thinkific Achieved with Semgrep: 1?? Reduced security noise by 85% using Semgrep’s reachability analysis and customizable rules. 2?? Streamlined developer workflows with clear, contextual PR comments to fix issues quickly. 3?? Enhanced developer alignment through Semgrep’s policies and integration with Thinkific’s Security Champions program. By implementing Semgrep Code and Semgrep Supply Chain, Thinkific accelerated development while strengthening its security posture. ?? Read the full case study to learn more: https://lnkd.in/g85Npjki #AppSec #DevSecOps #Semgrep #CyberSecurity #SoftwareDevelopment #SecurityChampion #DeveloperTools
-
December is almost here, and Semgrep's bringing you a whole month of action-packed webinars to help you stay ahead of the curve! Whether you’re into AI, code scanning, or security, there’s something for everyone. Check out what’s coming up: December 3, 9AM PT: Adaptive Noise Canceling Meets Code Scanning Join David Whitlow for a deep dive into how Semgrep’s high-context code scanning can transform your approach to security, with a special focus on how AI is reducing friction for developers. ??? Register here: https://lnkd.in/gbDcTx62 December 5, 9AM PT: How to Swim in the Ocean of SCA Join Rotem Reiss ???? and Amanda McCarvill for an engaging discussion on how to successfully navigate the world of Software Composition Analysis (SCA). We will discuss scaling, prioritization, how to work it into your workflows and so much more! ??? Register here: https://lnkd.in/gfsiS4dZ December 13, 9AM PT: Burning Down Organizational Risk Join Jeevan S. and Tanya Janca for a fireside chat on how to share organizational risk, democratize security, and the importance of making security everyone’s responsibility. ??? Register here: https://lnkd.in/g-Xi85ud The best part? This is just the start! Stay tuned for more exciting webinars to come! ?? #appsec #devops #cybersecurity #ai #events
-
?? Shift Left brought us closer to security in the development process, but we need more. Carolynn van Arsdale’s latest post on Security Boulevard explains why shifting everywhere—before, during, and after development—is essential for today’s security landscape. As Tanya Janca says, “Shift left was never a replacement for a real AppSec program.” It’s time to get proactive and integrate security at every step! Read the full blog post for expert insights from Tanya Janca, Cassie Crossley, Dustin Lehr, Chris Romeo, and Sa?a Zdjelar! ?? https://lnkd.in/gGnnNRbM #AppSec #ShiftLeft #SecurityCulture #DevSecOps #CyberSecurity
-
We are thrilled to announce that Semgrep is a Gold Sponsor at OWASP Benelux this year, and we couldn’t be more pumped to meet the amazing AppSec community in the Netherlands! Come hang out with us at our booth on November 28th and see how Semgrep’s AppSec platform helps developers find and fix critical vulnerabilities faster than ever—while keeping new issues at bay! ?? Why swing by the Semgrep booth? ??? Get a live demo and see how we deliver lightning-fast, accurate, and customizable security insights across SAST, SCA, and Secrets. ?? Meet our team and chat about how we can help you level up your AppSec game! ?? Snag some exclusive Semgrep swag, including limited-edition stickers only available at OWASP Benelux! We can’t wait to see you there—let’s make security fun and unforgettable! https://lnkd.in/gnU9n7HD CC: OWASP? Foundation #appsec #cybersecurity #events #owasp