Deploy, manage, and monitor Semgrep at scale (SAST).
Find vulnerabilities in your OSS dependencies (SCA).
Automate, manage, and enforce code standards across your organization.
Advanced analysis for detecting vulnerabilities across files and functions.
Find rules written by Semgrep and the community.
Write and share rules using our online interactive tool.
Automated recommendations for triage and code remediation using Semgrep assisted by GPT-4
Check out the guided tour of Semgrep Supply Chain
Want to read all the docs? Start here
Get the latest news about Semgrep
See how Semgrep can reduce your tech debt
Join the friendly Slack group to ask questions or share feedback
Join us at a Semgrep Event!
See why users love Semgrep
The Semgrep story & values
Join the team!
Code analysis at ludicrous speed
Based on the Semgrep engine, Semgrep Supply Chain finds reachable vulnerable dependencies in your code
Semgrep Code enables security teams to leverage the Semgrep Pro Engine and Pro rules to surface highly actionable vulnerabilities directly to developers.
With Semgrep Supply Chain, you can now mitigate supply chain vulnerabilities before a CVE even drops with Dependency Search and enforce your organization's license policies on pull requests with License Compliance.
Introducing free access to Semgrep Supply Chain and Code’s Pro features, for up to 10 monthly contributors. Additionally, Semgrep is faster and runs with every keystroke in the browser and in VS Code.
Announcement details for our first AI-augmented beta: Semgrep Assistant
Categories
Find Bugs and Enforce Code Standards
Products
Community
Resources
Company
Subscribe to our newsletter
© 2023 Semgrep, Inc. Semgrep is a registered trademark of Semgrep, Inc.