Sign inProduct supportContact Us
Case StudiessecurityPolicygenius: Shifting left with Semgrep
Customer Success Story

Policygenius: Shifting left with Semgrep

  • Semgrep scans their entire repository in seconds.

  • With Semgrep, Policygenius has nearly zero false positives per scan.

  • Policygenius’ security team appreciates easy-to-create rulesets.

Policygenius case study

About Policygenius

Policygenius transforms the insurance journey for today’s consumer, providing a one-stop platform where customers can compare options from top insurance carriers, get unbiased expert advice, buy policies, and manage their insurance portfolio, in one seamless, integrated experience. Our proprietary technology platform integrates with the leading life, disability, and home and auto insurance carriers and delivers an exceptional digital experience for both consumers and insurance carriers. Since 2014, our content, digital tools, and experts have served as a resource for millions of people on their insurance journey, and we have sold more than $160 billion in coverage.

Jessica Grider Quote

The software security team at Policygenius is responsible for making sure that their software is as secure as possible without unnecessarily slowing down software developers.

The Policygenius technology stack consists of:

- Languages: Ruby, Java, Golang, Python

- Frameworks: Terraform, Github

As in just about all technology companies, there were more developers than security engineers, which posed the challenge of how to create a not only scalable and effective but also efficient and developer-friendly secure SDLC. Due to this, Jessica Grider, Senior DevSecOps Engineer, wanted to make sure that the security shifts left and the security infrastructure is automated as much as possible. Shifting left is crucial because it detects vulnerabilities before they reach production, thus allowing developers and security teams to be proactive rather than reactive.

With this in mind, Jessica was looking for a security solution that was fast, reliable, and had very few false positives.

The Semgrep App makes policy enforcement easy. Policygenius has been able to add specific rulesets for specific repositories, add new rules, and change rules easily with the Rule Board.

cool vendor 2023 badges

Conclusion

Jessica and her team are highly appreciative of the support from Semgrep to help boost their security posture. Policygenius is excited to utilize the power of Semgrep fully.

About

Semgrep Logo

Semgrep lets security teams partner with developers and shift left organically, without introducing friction. Semgrep gives security teams confidence that they are only surfacing true, actionable issues to developers, and makes it easy for developers to fix these issues in their existing environments.

Featured posts from the Semgrep blog, written by our engineering team:

What it takes to make shift left work - blog post thumbnailBest practices

April 16, 20243 min read

What it takes to make shift left work
Isaac EvansIsaac Evans
Auto-fix remediation guidanceSecurity

January 17, 20235 min read

10x your AppSec program with Semgrep Assistant
Chushi LiChushi Li
Photo by Andrik Langfield on UnsplashSecurity

January 17, 20248 min read

Comparing Reachability Analysis methods: Semgrep's distinct approach
Kyle KellyKyle Kelly

Find and fix the issues that matter before build time

Semgrep helps organizations shift left without the developer productivity tax.

Get started in minutesBook a demo
Semgrep Logo

Make shift left work

4.5 Stars

Products

Semgrep Code
Semgrep Supply Chain
Semgrep AppSec Platform
Semgrep Pro Engine

Community

Blog

Resources

Docs
ROI Calculator
Pricing
Getting Started With Semgrep
Registry
Playground
Book a demo
Help Center

Company

About
Careers
Contact us
Twitter-logo-greenSlack-logo-greenGitHub-logo-greenYoutube-logo-green

© 2024 Semgrep, Inc. Semgrep is a registered trademark of Semgrep, Inc.

Website termsPrivacy