Sign inProduct supportContact Us
Case StudiessecurityHow Tide transitioned to developer first security
Customer Success Story

How Tide transitioned to developer-first security

  • Democratized security with the help of security champions and developers

  • Reduced noise in detecting supply chain vulnerabilities by 80% using Semgrep's reachability analysis

  • Achieved 100% fix rate for issues found using Semgrep's custom rules

Tide white

In this video case study, Devyani Vij, Sr. Product Security Engineer at Tide, discusses how enables her team to deploy a secure SDLC model that empowers developers to understand security issues and make long term improvements to their coding decisions.

Devyani talks about:

  • Embedding tools in the SDLC process so that each step of SDLC is secured

  • Choosing security products that are developer-first

  • Successfully implementing a Security Champions program, democratizing security and fostering its widespread adoption

  • Reducing false positives in Software Composition Analysis (SCA) by 80% using Semgrep Supply Chain’s reachability analysis

  • Achieving a remarkable 100% fix rate using Semgrep Code’s (SAST) custom rules

  • Leveraging Semgrep Assistant, an AI-powered tool, for enhanced understanding and efficient remediation of vulnerabilities.

  • Implementing Semgrep’s IDE extensions to proactively address security concerns at an early stage, thereby promoting shift-left approach.

Watch the detailed conversation on YouTube.

About

Semgrep Logo

Semgrep lets security teams partner with developers and shift left organically, without introducing friction. Semgrep gives security teams confidence that they are only surfacing true, actionable issues to developers, and makes it easy for developers to fix these issues in their existing environments.

Featured posts from the Semgrep blog, written by our engineering team:

What it takes to make shift left work - blog post thumbnailBest practices

April 16, 20243 min read

What it takes to make shift left work
Isaac EvansIsaac Evans
Auto-fix remediation guidanceSecurity

January 17, 20235 min read

10x your AppSec program with Semgrep Assistant
Chushi LiChushi Li
Photo by Andrik Langfield on UnsplashSecurity

January 17, 20248 min read

Comparing Reachability Analysis methods: Semgrep's distinct approach
Kyle KellyKyle Kelly

Find and fix the issues that matter before build time

Semgrep helps organizations shift left without the developer productivity tax.

Get started in minutesBook a demo
Semgrep Logo

Make shift left work

4.5 Stars

Products

Semgrep Code
Semgrep Supply Chain
Semgrep AppSec Platform
Semgrep Pro Engine

Community

Blog

Resources

Docs
ROI Calculator
Pricing
Getting Started With Semgrep
Registry
Playground
Book a demo
Help Center

Company

About
Careers
Contact us
Twitter-logo-greenSlack-logo-greenGitHub-logo-greenYoutube-logo-green

© 2024 Semgrep, Inc. Semgrep is a registered trademark of Semgrep, Inc.

Website termsPrivacy