Shift Left brought us closer to security in the development process, but we need more. Carolynn van Arsdale’s latest post on Security Boulevard explains why shifting everywhere—before, during, and after development—is essential for today’s security landscape. As Tanya Janca says, “Shift left was never a replacement for a real AppSec program.” It’s time to get proactive and integrate security at every step! Read the full blog post for expert insights from Tanya Janca, Cassie Crossley, Dustin Lehr, Chris Romeo, and Saša Zdjelar! https://lnkd.in/gGnnNRbM #AppSec #ShiftLeft #SecurityCulture #DevSecOps #CyberSecurity
Semgrep
Software Development
San Francisco, California
9,894 followers
Semgrep is a code scanning platform for finding first and third-party security vulnerabilities in your code base.
About us
We’re Semgrep, a software security company. Our mission is to profoundly improve software security and reliability to safeguard human progress. We maintain Semgrep, a tool to find bugs and reachable dependency vulnerabilities in code. Semgrep lets you enforce your code standards on every commit. With 2,000+ existing rules and simple-to-create custom ones, it finds the bugs that matter. Semgrep can run anywhere: in CI, your editor, or the command-line. Plus, with dedicated infrastructure from Semgrep, Inc., it’s easy to deploy, manage, and monitor Semgrep at scale. Semgrep is made with ❤ by Semgrep, Inc. We’re hiring: https://go.semgrep.dev/careers
- Website: https://semgrep.dev
- Industry: Software Development
- Company size: 51-200 employees
- Headquarters: San Francisco, California
- Type: Privately held
- Founded: 2017
Locations
- Primary: 88 Kearny St, 15F, San Francisco, California 94104, US
Updates
-
We are thrilled to announce that Semgrep is a Gold Sponsor at OWASP Benelux this year, and we couldn’t be more pumped to meet the amazing AppSec community in the Netherlands! Come hang out with us at our booth on November 28th and see how Semgrep’s AppSec platform helps developers find and fix critical vulnerabilities faster than ever—while keeping new issues at bay!
Why swing by the Semgrep booth?
- Get a live demo and see how we deliver lightning-fast, accurate, and customizable security insights across SAST, SCA, and Secrets.
- Meet our team and chat about how we can help you level up your AppSec game!
- Snag some exclusive Semgrep swag, including limited-edition stickers only available at OWASP Benelux!
We can’t wait to see you there—let’s make security fun and unforgettable! https://lnkd.in/gnU9n7HD CC: OWASP® Foundation #appsec #cybersecurity #events #owasp
-
Semgrep is now on BlueSky! Follow us for the latest in AppSec, company updates, new content, and upcoming events. Let’s connect! https://lnkd.in/gpR8GyRF #AppSec #BlueSky #CyberSecurity
-
Heading to Vegas for AWS re:Invent? Let’s connect! We’re excited to be there and are hosting two exclusive events in addition to customer meetings:
Security Leadership Dinner
December 3rd, 2024 | 6:00 - 8:30 PM
Harvest, Bellagio
Join Resourcely and Semgrep for an evening of networking, secure coding discussions, and delicious food at Harvest in the Bellagio. Register here: https://lu.ma/0tbohx8p
Sip & Sync at the Sphere
December 3rd, 2024 | 5:30 - 7:30 PM
Las Vegas Sphere
Join Converge Technology Solutions Corp. and Semgrep to network with top security leaders while experiencing the iconic Las Vegas Sphere—where tech meets innovation. Register here: https://lnkd.in/grn4dbnw
Request a Meeting with Our Exec Team
Our co-founders Isaac Evans and Drew Dennison, CRO Daghan Altas, and CMO Aaron Liao will be on-site at the event! Let’s meet and explore opportunities! Request a meeting: https://lnkd.in/gpUn8_kn
#AWS #security #AppSec #cybersecurity
-
The Semgrep team gathered in the stunning Carmel Valley to connect, collaborate, and chart our path forward. It’s been an incredible year for the company, and bringing the team together in person was a truly special experience! With colleagues spread across the globe, these moments are essential for fostering meaningful connections and strengthening our shared vision. A heartfelt thank you to our customers, partners, and, of course, our amazing team for making this all possible. We’re excited to see what the future holds as we head into 2025 and beyond! #appsec #cybersecurity #semgrep
-
Lyft is on a mission to scale security by shifting left as much as possible by building tooling and processes that catch security issues early in the software development lifecycle. Here’s how they achieved it:
- Custom Rules Made Easy: Semgrep simplified writing and testing custom rules, allowing Lyft to find code-specific vulnerabilities faster.
- Reduced Noise: With Semgrep Supply Chain’s reachability analysis, Lyft cut through the noise of false positives and surfaced actionable security findings to developers.
- Faster Remediation: Thanks to Semgrep, Lyft was able to quickly identify and fix critical vulnerabilities like Log4Shell.
- Looking Ahead: Lyft is now excited to scale its security efforts with AI-driven automation via Semgrep Assistant.
Want to see how Semgrep helped Lyft achieve security at scale? Read the full case study: https://lnkd.in/gj8yqm65 #Security #ShiftLeft #DevSecOps #SAST #Semgrep #Cybersecurity #OpenSourceSecurity #Lyft #SecurityAutomation
-
Secure defaults and clear guardrails are essential for minimizing vulnerabilities—Semgrep makes it easy to implement them at scale, from startups to Fortune 500s.
I help Product Security Teams deliver high performance | AppSec Expert with over 15 yrs of experience | Author of 2 books and Black Hat Trainer | Building the world's best Security Training Platform, @AppSecEngineer
Libraries that might have insecure modes that might cause vulns, as a feature:
- JWT libs (none algo, no sig verification)
- YAML libs for parsing
- Image/Video processing (ImageMagick)
- XML libs
- crypto libs w/ support for insecure encryption/hashing algos
-
Exciting News, Ottawa! Tanya Janca is Coming to Town!
First Stop: OWASP® Foundation Meetup - November 20th, 6 PM ET at the University of Ottawa. Tanya will dive into some of the most common DevSecOps mistakes, explaining why certain practices can be more harmful than helpful. This talk will give you a better understanding of the risks involved and how to avoid them. Register Now: https://lnkd.in/ggHAuTq4
Next Stop: BSidesOttawa - November 22nd, 9:15 AM ET. Tanya will be delivering her Keynote on how to mature your AppSec program. She’ll walk you through three practical maturity levels and give actionable steps to improve your security posture—no matter where you are in your journey. Register Now: https://bsidesottawa.ca/
Sign up before it is too late, we hope to see you there! #appsec #security #Semgrep #cybersecurity
-
Semgrep Academy is your ultimate destination for mastering application security! Whether you're a seasoned developer or just beginning your cybersecurity journey, we provide the tools and knowledge you need to succeed. Our courses include:
- Incident Response for Software Developers: This course equips developers (and the broader IT team) with the key knowledge they need during a security incident. Topics include ‘need to know,’ ‘see something, say something,’ and more. Sign up here: https://lnkd.in/gaUJuzAZ
- Semgrep Custom Rules Level 1: Unlock the power of static analysis by learning to write custom Semgrep rules. These rules can be used to enforce secure coding standards, implement guardrails, and detect bugs across your codebase. Sign up here: https://lnkd.in/gajqjTBN
- Secure Guardrails: Shift your application security program from reactive to proactive with this course on building secure guardrails. Learn about paved roads, secure defaults, and technical controls to ensure your developers stay on the safe path. Sign up here: https://lnkd.in/gUsg7NjK
Whether you're looking to learn a new skill, discover a powerful tool, or even change careers, the choice is yours! So, what are you waiting for? Browse through our courses and join the learning party! #security #appsec #semgrep #cybersecurity
-
Are you dealing with endless amounts of false positives? Are your developers annoyed at security workflows, and how much time they are forced to spend on StackOverflow learning how to fix something? You’re definitely not alone in this struggle. Join Jack Moxon and Chushi Li tomorrow, November 13th at 9 AM PT to discover how Semgrep Assistant, your personal AI security engineer, can transform your development workflow. You will walk away with an understanding of how assistant:
- Automatically triages findings, identifies false positives, and learns from prior human decisions to improve accuracy.
- Offers clear, step-by-step remediation guidance that any developer can follow, regardless of security experience.
- Uses memories to understand your codebase and improve over time, all without manual tweaking.
https://lnkd.in/gPF99sYE #AISecurity #Semgrep #Security #AppSec #webinar