Find bugs and reachable dependency vulnerabilities in code.
Enforce your code standards on every commit.
Scan with Semgrep AppSec Platform
Deploy static application security testing (SAST), software composition analysis (SCA), and secrets scans from one platform.
Get started
Run your first Semgrep scan.
Deploy Semgrep
Deploy Semgrep to your organization quickly and at scale.
Triage and remediate
Triage and remediate findings; fine-tune guardrails for developers.
Write rules
Create custom rules to enforce your organization's coding standards.
Enhance your Semgrep experience
Semgrep Assistant
AI for triage, remediation, and institutional memory.
Secure guardrails
Help developers write secure code in their environment.
Managed Scans
Onboard thousands of repositories to Semgrep.
Not finding what you need in this doc? Ask questions in our Community Slack group, or see Support for other ways to get help.