Semgrep Video Library

Browse our library of on-demand videos, including testimonials, industry information, and tutorials.

Featured Videos
Featured Videos

Semgrep Secure 2026: Code Security Rebuilt for the AI Era

Announcements
Application Security

Security Rulez: Should AppSec Engineers Still Learn AppSec?

Application Security

Finding Broken Logic and Auth with AI-Powered Multimodal Detection

Announcements

Mythos, AI Harnesses, and Surviving the Next 12 Months of AppSec

All Videos
All Announcements Application Security Best Practices Community Open Source Secure Coding Security Research
announcements

Semgrep Summer '26 Release

Announcements

Mythos, AI Harnesses, and Surviving the Next 12 Months of AppSec

Announcements

Patch of the Day: Security Teams vs. the Cyber Resilience Act

application-security

Finding Broken Logic and Auth with AI-Powered Multimodal Detection

application-security

Security Rulez: Should AppSec Engineers Still Learn AppSec?

community

Should AppSec Engineers Still Learn AppSec?

application-security

Security Rulez: The (L)AST Test You'll Ever Need? SAST vs. DAST

community

The (L)AST Test You’ll Ever Need? SAST vs. DAST

Announcements

Respond to Supply Chain Attacks in 3 Easy Steps

application-security

Responding to Emergent Supply Chain Threats with Semgrep

security

Trends in Code Security: What Top Security Teams Do Differently

secure-coding

Responding to Emergent Supply Chain Threats with Semgrep (EMEA)

security

Security Rulez: The ID Verification Heist

community

The ID Verification Heist

Announcements

Hands-On Workshop: Semgrep Multimodal

application-security

No AI Without APIs: The 2026 Guide to Modern API Hacking

announcements

Semgrep Secure 2026: Code Security Rebuilt for the AI Era

best-practices

AI for Security Engineers (with Cursor's Security Lead)

application-security

Driving Real Security ROI with Semgrep Assistant

community

Security Rulez: AI skeptics vs agents

application-security

Responding to Emergent Supply Chain Threats with Semgrep

open-sources

Security Rulez: Developers vs Security, War against bugs

application-security

Security Rulez: Unfiltered Cybersecurity Hot Takes shaping and shaking up 2026

application-security

SAST + DAST, Finally in Sync - Turning AppSec Noise into Action with Semgrep & StackHawk

application-security

Measuring What Matters: How Closed-Loop Evaluation Will Shape the Next Generation of AppSec Agents

best-practices

Building Your Personal AI Infrastructure with Daniel Miessler

application-security

Real-World Applications of Semgrep Memories: How Customers Are Using AI to Eliminate False Positives

announcements

Semgrep Autumn '25 Release Highlights

application-security

Breaking the False Positive Cycle: How Semgrep Helps Security Engineers Move Faster

application-security

Security Rulez Halloween Special: Trick or Treat: a Fear-Factor Ranking of Global Security Regulations

community

Semgrep Community Edition (Fall Release) | Demos & Roadmap

secure-coding

Secure Vibes Only: How to Vibe Code Without Causing a Data Breach

application-security

Startup to Scale-Up: Code Security That Grows With You

application-security

From Doubt to Direction: What AI Really Means for AppSec

application-security

Breaking the False Positive Cycle: How Semgrep Helps Security Engineers Move Faster

application-security

Menos ruido, más código seguro: IA + Semgrep para un SAST inteligente

application-security

From AI to Action: Fixing Vulnerabilities Faster with Semgrep in Cursor

community

Security Rulez: I took my boss to Hacker Summer Camp and here’s what happened

Announcements

Semgrep Summer ‘25 Release Highlights

application-security

Assistant Memories Interactive Demo

secure-coding

Secure Vibe Coding: Real-Time AI Guardrails with Semgrep MCP

best-practices

EMEA: Top 5 Metrics for Effective Security Leadership

application-security

MCP: Model, Context… Propaganda? What security teams need to know about the latest hyped up AI tech

application-security

AI Meets AppSec: Real vs. Hype?

secure-coding

How to do Secure Code Review with Vibe Coding IDEs

community

Engineering a Safer Future at LaunchDarkly

best-practices

How Fintechs Can Balance Innovation and Compliance

community

Modern Security Podcast: Bridging Security & Productivity with Systems Thinking

security

Redefining Security Investment: SAST Scans and DFPM

Announcements

Semgrep RuleWriting 201

announcements

Semgrep Spring '25 Release Highlights

security

Tainted Love: A Deep Dive into Semgrep’s Taint Mode Workshop

community

The Modern Security Podcast: The Art of Secure Guardrails: Lessons from GitHub

community

Winning Friends & Influencing Developers with Sandesh Anand

announcements

See What We’re Unveiling at Black Hat—Before Anyone Else

secure-coding

Artificial Risks: AI, Games, and Threats

Announcements

Scaling SAST with AI – How esure Built Secure Development at Speed

application-security

Real-World AppSec: What Actually Works in Practice

announcements

EMEA: New Features – AI-powered Memories & Enterprise-ready Scanning

application-security

Privacy by Design: Making Threat Modeling Work for Data Protection

application-security

The End of Static Security: How Context-Aware AI Is Changing SAST Forever

security

Common Vulnerabilities in GitHub Actions - And How to Protect Against Them

best-practices

Empower Your Builders: A Fireside Chat on Practical AppSec

secure-coding

Vibe Coding, But Make it Safe

application-security

[LATAM webinar] Rewriting the Rules of Static Analysis with AI

best-practices

Top 5 Metrics for Effective Security Leadership

secure-coding

Coding Securely Doesn’t Have to Be Boring: A Fireside Chat with Laura Bell Main

application-security

EMEA: 10xing your AppSec Program with AI and LLMs

application-security

The False Positives That SAST Tools Always Flag

announcements

Exclusive Preview of RSA 2025

application-security

Ditch the Distractions: Adaptive Noise Canceling for Code Scanning

Announcements

Secure Guardrails Fundamentals: External Entity Injection - EMEA
application-security

Remediating your vulnerability backlog at scale with AI

Announcements

Secure Coding Training
secure-coding

How to Build the Ideal Security Workflow for Developers

community

Clint Collabs: Netflix’s Scott Behrens on the Difficulty of Building a Useful Paved Road & Where to Start

secure-coding

The Rules - October Session

secure-coding

Secure Guardrails Fundamentals: External Entity Injection

community

Automating Secure Guardrails: Leveraging SAST and Other Tools for Effective Implementation

open-sources

Secure Open Source Dependencies with Semgrep Supply Chain

secure-coding

The Rules September

community

Best Practices and Innovations in Software Supply Chain Security

application-security

How to take a guardrails approach to SAST with Semgrep Code

secure-coding

Case of the common vulnerability? Secure guardrails can help!

secure-coding

The Rules

community

Collaborating with Development Teams: How to Successfully Implement and Enforce Secure Guardrails

best-practices

Skynet or WALL-E? How AI is changing work for Security teams

application-security

Securing Solo: Maximize Your AppSec Efficiency and Cut the Noise

best-practices

You Should Be Using AI for AppSec

best-practices

Clint Collabs: Jason Chan on the Origin of the Paved Road

community

Building a Successful Security Champions Program: What Does it Take?

open-sources

Software Supply Chain Security; More Than Just Dependencies

best-practices

Maturing Your Threat Modeling Skills

security

How we implemented inter-file analysis to find the vulnerabilities that matter

application-security

How Yext built a vulnerability management program from scratch using Semgrep

best-practices

Down with the CISO with Nathan Case, CISO of Corsha

security

Clint Collabs: Chris Hughes and Securing your Software Supply Chain

best-practices

Fireside Chat: Protecting Your Digital Security with Leigh Honeywell

best-practices

Application Security Is Eating Cloud Security for Lunch

open-sources

How Merge finds and fixes vulnerabilities that matter

application-security

Training 101: Intro to Pro Engine

application-security

Training 101: Intro to Semgrep Supply Chain

application-security

Training 201: Understanding Reachability on Github with Semgrep Supply Chain

application-security

Floating the goat: How to use DevSecOps to secure OWASP WebGoat

Announcements

Getting started with Semgrep Secrets
secure-coding

A Practical Approach to Secure Guardrails

application-security

AI-Powered AppSec: Automating Prioritization, Triage, and Remediation

application-security

Boost Development with Semgrep Assistant: Your Personal AI Security Engineer

best-practices

Fireside Chat: Burning Down Organizational Risk

community

Founder Friday: re:Invent Reflections and AI Predictions

best-practices

How to Choose the Right SAST Solution: Practical Insights from Security Experts

community

How to Swim in The Ocean of SCA