Browse by Solution
Community Rules
Semgrep OSS
Pro Rules
Semgrep Pro Engine
Showing 22 of 167 results for ""
Videos
View all videosClint Collabs with Jim Manico: How to Prevent Broken Access Controls
Watch this recording to learn tips and tricks about how to prevent Broken Access Control from entering your code with Clint Gibler, Creator of tl;dr sec, and Jim Manico, Founder of Manicode.
Semgrep Code Tour
Go on a tour of Semgrep Code with Product Manager, Raghav Jain!
Teams looking to build a scalable SAST program with the customizability and speed of the Semgrep open-source engine can now enjoy the extended functionality you get with Semgrep Code. With Semgrep Code, you'll get:
- a more powerful code analysis
- developer workflow integrations,
- and necessary feedback loops to ensure that vulnerabilities are not just detected but actually get fixed.
Check out how Semgrep Code works!
To learn more, visit: semgrep.dev/products/semgrep-code
Semgrep Pro Engine Tour
Take a tour of Semgrep's new Pro Engine with Product Manager, Milan Williams. Semgrep Pro Engine is our new advanced analysis system uniquely designed to refine and enhance your results.
Milan explains the two core concepts behind the powerful Semgrep Pro Engine - interfile analysis and dataflow analysis - and how they work together to reduce noise and add explainability for better results.
To learn more, visit: semgrep.dev/products/pro-engine
Announcing Semgrep Code
Semgrep co-founders Isaac Evans and Luke O’Malley announce the latest from Semgrep: Semgrep Code, powered by Pro Engine and Pro rules.
Isaac and Luke share stories about the early days of Semgrep, the impact of Artificial Intelligence and Machine Learning on security engineers, and their vision for the future of the security industry.
To learn more, visit: get.semgrep.dev/product-tour
Reachability analysis in Semgrep Supply Chain
Bence Nagy, Senior Software Engineer, explains 'reachability', a core concept of Semgrep Supply Chain. Semgrep Supply Chain helps you fix the security issues caused by your dependencies, but without flooding you with alerts.
So let's look at what reachability analysis is, and how it lets you prioritize the 2% of alerts that count!
To learn more, visit: semgrep.dev/product/semgrep-supply-chain
Events
View all eventsOn-DemandGlobal
How Yext built a vulnerability management program from scratch using Semgrep
In this webinar, Philip Ayoub, Application Security Engineer at Yext, discusses how he built tooling for vulnerability management from scratch using Semgrep and Snowflake.
Watch On-DemandOn-DemandGlobal
Training 101: Intro to Semgrep Supply Chain
Learn more about Semgrep Supply Chain and how you can quickly scan for reachable vulnerabilities in your code.
Watch On-DemandWebinarGlobal
Clint Collabs: Chris Hughes and Securing your Software Supply Chain
Join our next Clint Collab session as we interview Chris Hughes on Securing your Software Supply Chain
RSVP NowOn-DemandGlobal
Training 201: Understanding Reachability on GitHub with Semgrep Supply Chain
Semgrep Supply Chain’s reachability analysis cuts down the noise and helps prioritize such reachable security issues.
Watch On-DemandOn-DemandGlobal
How Merge finds and fixes vulnerabilities that matter
For the team at Merge.dev, they use Semgrep to easily triage and action on new vulnerabilities in their code.
Watch On-DemandOn-DemandGlobal
Training 101: Intro to Pro Engine
Semgrep Pro Engine further enables teams by allowing them to analyze code across files using taint analysis, constant propagation, and other advanced analysis methods.
Watch On-Demand