Welcome to the Semgrep blog

Code analysis at ludicrous speed

SearchBox Icon
announcements
Releasing Semgrep 1.0

Announcing a milestone release: Semgrep 1.0

Yoann Padioleau
Yoann Padioleau
December 01, 2022
semgrep 1.0 blog post
development
Need for speed: static analysis version

Why speed is important in static analysis and how Semgrep achieves ludicrous speed

Brandon Wu
Brandon Wu
November 29, 2022
Semgrep scan times
best practices
Tips and tricks for writing fixes

A few tips you might not know to improve your Semgrep usage

Pieter De Cremer
Pieter De Cremer
April 18, 2022
Tips and tricks for writing fixes thumbnail
security
Software supply chain security is hard

See why today's SCA tools are noisy and how can you leverage reachability to reduce the noise

Andy Huang
Andy Huang
September 28, 2022
Blog Card - image
announcements
Announcing Semgrep Code: SAST designed and built for engineers

Semgrep Code enables security teams to leverage the Semgrep Pro Engine and Pro rules to surface highly actionable vulnerabilities directly to developers.

Raghav Jain
Raghav Jain
February 14, 2023
Announcing Semgrep Code
announcements
It's time to ignore 98% of dependency alerts. Introducing Semgrep Supply Chain.

Based on the Semgrep engine, Semgrep Supply Chain finds reachable vulnerable dependencies in your code

Adam Berman
Adam Berman
October 04, 2022
Blog Card - image
announcements
Releasing Semgrep 1.0

Announcing a milestone release: Semgrep 1.0

Yoann Padioleau
Yoann Padioleau
December 01, 2022
semgrep 1.0 blog post
development
Need for speed: static analysis version

Why speed is important in static analysis and how Semgrep achieves ludicrous speed

Brandon Wu
Brandon Wu
November 29, 2022
Semgrep scan times
best practices
Tips and tricks for writing fixes

A few tips you might not know to improve your Semgrep usage

Pieter De Cremer
Pieter De Cremer
April 18, 2022
Tips and tricks for writing fixes thumbnail
security
Software supply chain security is hard

See why today's SCA tools are noisy and how can you leverage reachability to reduce the noise

Andy Huang
Andy Huang
September 28, 2022
Blog Card - image
announcements
Announcing Semgrep Code: SAST designed and built for engineers

Semgrep Code enables security teams to leverage the Semgrep Pro Engine and Pro rules to surface highly actionable vulnerabilities directly to developers.

Raghav Jain
Raghav Jain
February 14, 2023
Announcing Semgrep Code
announcements
It's time to ignore 98% of dependency alerts. Introducing Semgrep Supply Chain.

Based on the Semgrep engine, Semgrep Supply Chain finds reachable vulnerable dependencies in your code

Adam Berman
Adam Berman
October 04, 2022
Blog Card - image
announcements
Releasing Semgrep 1.0

Announcing a milestone release: Semgrep 1.0

Yoann Padioleau
Yoann Padioleau
December 01, 2022
semgrep 1.0 blog post
development
Need for speed: static analysis version

Why speed is important in static analysis and how Semgrep achieves ludicrous speed

Brandon Wu
Brandon Wu
November 29, 2022
Semgrep scan times
best practices
Tips and tricks for writing fixes

A few tips you might not know to improve your Semgrep usage

Pieter De Cremer
Pieter De Cremer
April 18, 2022
Tips and tricks for writing fixes thumbnail
security
Software supply chain security is hard

See why today's SCA tools are noisy and how can you leverage reachability to reduce the noise

Andy Huang
Andy Huang
September 28, 2022
Blog Card - image
announcements
Announcing Semgrep Code: SAST designed and built for engineers

Semgrep Code enables security teams to leverage the Semgrep Pro Engine and Pro rules to surface highly actionable vulnerabilities directly to developers.

Raghav Jain
Raghav Jain
February 14, 2023
Announcing Semgrep Code
announcements
It's time to ignore 98% of dependency alerts. Introducing Semgrep Supply Chain.

Based on the Semgrep engine, Semgrep Supply Chain finds reachable vulnerable dependencies in your code

Adam Berman
Adam Berman
October 04, 2022
Blog Card - image
Categories
  • All
  • announcements
  • security
  • development
  • tips and tricks
  • best practices
  • meetups
RSS Image
Subscribe via RSS

Categories

Latest posts
Announcing Semgrep’s beta support for Rust thumbnail
announcements
March 01, 2023
Announcing Semgrep’s beta support for Rust
Abstract Gradient
Matt Schwager
Thumbnail: Developer-focused results and improved coverage with Semgrep Pro rules
security
February 24, 2023
Developer-focused results and improved coverage with Semgrep Pro rules
Claudio profile pic
Claudio Merloni
Announcing Semgrep Code
announcements
February 14, 2023
Announcing Semgrep Code: SAST designed and built for engineers
Raghav Jain
Raghav Jain
xml-java
security
January 17, 2023
XML Security in Java
Pieter De Cremer
Pieter De Cremer
semgrep 1.0 blog post
announcements
December 01, 2022
Releasing Semgrep 1.0
Yoann Padioleau
Yoann Padioleau
Semgrep scan times
development
November 29, 2022
Need for speed: static analysis version
Brandon Wu
Brandon Wu
findings page as of dec 22
security
November 18, 2022
Building an enterprise-ready, scalable security program using Semgrep
Portrait of ChinmayJason lim
Jason Lim,Chinmay Galkwad
autofix-nat
tips and tricks
November 03, 2022
Powerfully autofixing code with Semgrep's new AST-based approach
Nat Mote
Nat Mote

Static analysis at ludicrous speed

Find Bugs and Enforce Code Standards

Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Semgrep Logo

Code analysis at ludicrous speed

Products

Semgrep Code
Semgrep Supply Chain
Semgrep Cloud Platform
Semgrep Pro Engine

Community

Blog

Resources

Docs
ROI Calculator
Pricing
Getting Started With Semgrep
Registry
Playground
Book a demo
Help Center

Company

About
Careers
Contact us
Twitter-logo-greenSlack-logo-greenGitHub-logo-greenYoutube-logo-green

© 2023 r2c. Semgrep is a registered trademark of r2c.

TermsPrivacy