Semgrep

Semgrep

软件开发

San Francisco,California 9,934 位关注者

Semgrep is a code scanning platform for finding first and third-party security vulnerabilities in your code base.

关于我们

We’re Semgrep, a software security company. Our mission is to profoundly improve software security and reliability to safeguard human progress. We maintain Semgrep, a tool to find bugs and reachable dependency vulnerabilities in code. Semgrep lets you enforce your code standards on every commit. With 2,000+ existing rules and simple-to-create custom ones, it finds the bugs that matter. Semgrep can run anywhere: in CI, your editor, or the command-line. Plus, with dedicated infrastructure from Semgrep, Inc., it’s easy to deploy, manage, and monitor Semgrep at scale. Semgrep is made with ? by Semgrep, Inc. We’re hiring: https://go.semgrep.dev/careers

网站
https://semgrep.dev
所属行业
软件开发
规模
51-200 人
总部
San Francisco,California
类型
私人持股
创立
2017

地点

  • 主要

    88 Kearny St

    15F

    US,California,San Francisco,94104

    获取路线

Semgrep员工

动态

  • 查看Semgrep的公司主页,图片

    9,934 位关注者

    December is almost here, and Semgrep's bringing you a whole month of action-packed webinars to help you stay ahead of the curve! Whether you’re into AI, code scanning, or security, there’s something for everyone. Check out what’s coming up: December 3, 9AM PT: Adaptive Noise Canceling Meets Code Scanning Join David Whitlow for a deep dive into how Semgrep’s high-context code scanning can transform your approach to security, with a special focus on how AI is reducing friction for developers. ??? Register here: https://lnkd.in/gbDcTx62 December 5, 9AM PT: How to Swim in the Ocean of SCA Join Rotem Reiss ???? and Amanda McCarvill for an engaging discussion on how to successfully navigate the world of Software Composition Analysis (SCA). We will discuss scaling, prioritization, how to work it into your workflows and so much more! ??? Register here: https://lnkd.in/gfsiS4dZ December 13, 9AM PT: Burning Down Organizational Risk Join Jeevan S. and Tanya Janca for a fireside chat on how to share organizational risk, democratize security, and the importance of making security everyone’s responsibility. ??? Register here: https://lnkd.in/g-Xi85ud The best part? This is just the start! Stay tuned for more exciting webinars to come! ?? #appsec #devops #cybersecurity #ai #events

    • 该图片无替代文字
  • 查看Semgrep的公司主页,图片

    9,934 位关注者

    ?? Shift Left brought us closer to security in the development process, but we need more. Carolynn van Arsdale’s latest post on Security Boulevard explains why shifting everywhere—before, during, and after development—is essential for today’s security landscape. As Tanya Janca says, “Shift left was never a replacement for a real AppSec program.” It’s time to get proactive and integrate security at every step! Read the full blog post for expert insights from Tanya Janca, Cassie Crossley, Dustin Lehr, Chris Romeo, and Sa?a Zdjelar! ?? https://lnkd.in/gGnnNRbM #AppSec #ShiftLeft #SecurityCulture #DevSecOps #CyberSecurity

    • 该图片无替代文字
  • 查看Semgrep的公司主页,图片

    9,934 位关注者

    We are thrilled to announce that Semgrep is a Gold Sponsor at OWASP Benelux this year, and we couldn’t be more pumped to meet the amazing AppSec community in the Netherlands! Come hang out with us at our booth on November 28th and see how Semgrep’s AppSec platform helps developers find and fix critical vulnerabilities faster than ever—while keeping new issues at bay! ?? Why swing by the Semgrep booth? ??? Get a live demo and see how we deliver lightning-fast, accurate, and customizable security insights across SAST, SCA, and Secrets. ?? Meet our team and chat about how we can help you level up your AppSec game! ?? Snag some exclusive Semgrep swag, including limited-edition stickers only available at OWASP Benelux! We can’t wait to see you there—let’s make security fun and unforgettable! https://lnkd.in/gnU9n7HD CC: OWASP? Foundation #appsec #cybersecurity #events #owasp

    • 该图片无替代文字
  • 查看Semgrep的公司主页,图片

    9,934 位关注者

    ?? Heading to Vegas for AWS re:Invent??Let’s connect! We’re excited to be there and are hosting two exclusive events in addition to customer meetings: Security Leadership Dinner ?? December 3rd, 2024 | 6:00 - 8:30 PM ?? Harvest, Bellagio Join Resourcely and Semgrep for an evening of networking, secure coding discussions, and delicious food at Harvest in the Bellagio. Register here: https://lu.ma/0tbohx8p Sip & Sync at the Sphere ?? December 3rd, 2024 | 5:30 - 7:30 PM ?? Las Vegas Sphere Join Converge Technology Solutions Corp. and Semgrep to network with top security leaders while experiencing the iconic Las Vegas Sphere—where tech meets innovation. Register here: https://lnkd.in/grn4dbnw ?? Request a Meeting with Our Exec Team Our co-founders Isaac Evans and Drew Dennison, CRO Daghan Altas, and CMO Aaron Liao will be on-site at the event! Let’s meet and explore opportunities! Request a meeting: https://lnkd.in/gpUn8_kn #AWS #security #AppSec #cybersecurity

    • 该图片无替代文字
  • 查看Semgrep的公司主页,图片

    9,934 位关注者

    The Semgrep team gathered in the stunning Carmel Valley to connect, collaborate, and chart our path forward. It’s been an incredible year for the company, and bringing the team together in person was a truly special experience! With colleagues spread across the globe, these moments are essential for fostering meaningful connections and strengthening our shared vision. A heartfelt thank you to our customers, partners, and, of course, our amazing team for making this all possible. ?? We’re excited to see what the future holds as we head into 2025 and beyond! #appsec #cybersecurity #semgrep

  • 查看Semgrep的公司主页,图片

    9,934 位关注者

    ?? Lyft is on a mission to scale security by shifting left as much as possible by building tooling and processes that catch security issues early in the software development lifecycle. Here’s how they achieved it: ?? Custom Rules Made Easy: Semgrep simplified writing and testing custom rules, allowing Lyft to find code-specific vulnerabilities faster. ?? Reduced Noise: With Semgrep Supply Chain’s reachability analysis, Lyft cut through the noise of false positives and surfaced actionable security findings to developers. ?? Faster Remediation: Thanks to Semgrep, Lyft was able to quickly identify and fix critical vulnerabilities like Log4Shell. ?? Looking Ahead: Lyft is now excited to scale its security efforts with AI-driven automation via Semgrep Assistant. Want to see how Semgrep helped Lyft achieve security at scale? ?? Read the full case study: https://lnkd.in/gj8yqm65 #Security #ShiftLeft #DevSecOps #SAST #Semgrep #Cybersecurity #OpenSourceSecurity #Lyft #SecurityAutomation

    • 该图片无替代文字
  • 查看Semgrep的公司主页,图片

    9,934 位关注者

    Secure defaults and clear guardrails are essential for minimizing vulnerabilities—Semgrep makes it easy to implement them at scale, from startups to Fortune 500s.

    查看Abhay Bhargav的档案,图片

    I help Product Security Teams deliver high performance | AppSec Expert with over 15 yrs of experience | Author of 2 books and Black Hat Trainer | Building the world's best Security Training Platform, @AppSecEngineer

    Libraries that might have insecure modes that might cause vulns, as a feature: - JWT libs (none algo, no sig verification) - YAML libs for parsing - Image/Video processing (ImageMagick) - XML libs - crypto libs w/ support for insecure encryption/hashing algos

  • 查看Semgrep的公司主页,图片

    9,934 位关注者

    Exciting News, Ottawa! Tanya Janca is Coming to Town! ?? First Stop: OWASP? Foundation Meetup - November 20th, 6 PM ET at the University of Ottawa Tanya will dive into some of the most common DevSecOps mistakes, explaining why certain practices can be more harmful than helpful. This talk will give you a better understanding of the risks involved and how to avoid them. ??? Register Now: https://lnkd.in/ggHAuTq4 ?? Next Stop: BSidesOttawa - November 22nd, 9:15 AM ET Tanya will be delivering her Keynote on how to mature your AppSec program. She’ll walk you through three practical maturity levels and give actionable steps to improve your security posture—no matter where you are in your journey. ??? Register Now: https://bsidesottawa.ca/ Sign up before it is too late, we hope to see you there! ?? #appsec #security #Semgrep #cybersecurity

    • 该图片无替代文字
  • 查看Semgrep的公司主页,图片

    9,934 位关注者

    ?? Semgrep Academy is your ultimate destination for mastering application security! Whether you're a seasoned developer or just beginning your cybersecurity journey, we provide the tools and knowledge you need to succeed. Our courses include: ?? Incident Response for Software Developers: This course equips developers (and the broader IT team) with the key knowledge they need during a security incident. Topics include ‘need to know,’ ‘see something, say something,’ and more. Sign up here: https://lnkd.in/gaUJuzAZ ?? Semgrep Custom Rules Level 1: Unlock the power of static analysis by learning to write custom Semgrep rules. These rules can be used to enforce secure coding standards, implement guardrails, and detect bugs across your codebase. Sign up here: https://lnkd.in/gajqjTBN ?? Secure Guardrails: Shift your application security program from reactive to proactive with this course on building secure guardrails. Learn about paved roads, secure defaults, and technical controls to ensure your developers stay on the safe path. Sign up here: https://lnkd.in/gUsg7NjK Whether you're looking to learn a new skill, discover a powerful tool, or even change careers, the choice is yours! So, what are you waiting for? Browse through our courses and join the learning party! ?? #security #appsec #semgrep #cybersecurity

    • 该图片无替代文字

相似主页

查看职位

融资