Advanced code analysis with interfile capabilities and enterprise language support
Pro Engine uses advanced dataflow analysis to reduce the number of false positives and discover new true positives across files.
Interfile analysis is available for C, C++, Golang, Java, Kotlin, and JavaScript/TypeScript.
Pro Engine provides interprocedural analysis, including dataflow analysis methods such as taint analysis, constant propagation, and typed metavariables.
Interprocedural analysis is available for all languages supported by Semgrep and is currently experimental.
In addition to all the languages supported by Semgrep Community Edition, Semgrep Pro Engine also supports enterprise languages such as Apex.
Discover more true positives: advanced code analysis helps uncover more complex vulnerabilities across files and procedures.
Reduce false positives: dataflow analysis features such as taint-tracking can, for example, see whether tainted user inputs are able to reach an unsafe SQL statement via a long chain of function calls.
Easily scan your code and avoid rollout and management headaches.
Scan more rapidly than other advanced analysis tools.
Rule syntax is very similar to the source code itself -> no need to understand abstract syntax trees or learn a domain-specific language.
For interfile analysis, Golang, Java, JavaScript, Kotlin, and TypeScript are supported.
For interprocedural analysis, 30+ languages are supported.