<!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="robots" content=""> <!-- Google Tag Manager --> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-WSN4QTD');</script> <!-- OneTrust Cookies Consent Notice start for semgrep.dev --> <script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" type="text/javascript" charset="UTF-8" data-domain-script="d2630f3a-c780-4ef8-a89b-711ec462d6f5" ></script> <script type="text/javascript"> function OptanonWrapper() { } </script> <!-- OneTrust Cookies Consent Notice end for semgrep.dev --> <script> var hostname = window.location && window.location.hostname !== "localhost" ? window.location.hostname : "semgrep.dev"; window["_fs_host"] = hostname + "/fs"; window["_fs_script"] = hostname + "/fs/s/fs.js"; window["_fs_org"] = "S99QT"; window["_fs_namespace"] = "FS"; !(function (m, n, e, t, l, o, g, y) { var s, f, a = (function (h) { return ( !(h in m) || (m.console && m.console.log && m.console.log( 'FullStory namespace conflict. Please set window["_fs_namespace"].' ), !1) ); })(e); function p(b) { var h, d = []; function j() { h && (d.forEach(function (b) { var d; try { d = b[h[0]] && b[h[0]](h[1]); } catch (h) { return void (b[3] && b[3](h)); } d && d.then ? d.then(b[2], b[3]) : b[2] && b[2](d); }), (d.length = 0)); } function r(b) { return function (d) { h || ((h = [b, d]), j()); }; } return ( b(r(0), r(1)), { then: function (b, h) { return p(function (r, i) { d.push([b, h, r, i]), j(); }); }, } ); } a && ((g = m[e] = (function () { var b = function (b, d, j, r) { function i(i, c) { h(b, d, j, i, c, r); } r = r || 2; var c, u = /Async$/; return u.test(b) ? ((b = b.replace(u, "")), "function" == typeof Promise ? new Promise(i) : p(i)) : h(b, d, j, c, c, r); }; function h(h, d, j, r, i, c) { return b._api ? b._api(h, d, j, r, i, c) : (b.q && b.q.push([h, d, j, r, i, c]), null); } return (b.q = []), b; })()), (y = function (b) { function h(h) { "function" == typeof h[4] && h[4](new Error(b)); } var d = g.q; if (d) { for (var j = 0; j < d.length; j++) h(d[j]); (d.length = 0), (d.push = h); } }), (function () { ((o = n.createElement(t)).async = !0), (o.crossOrigin = "anonymous"), (o.src = "https://" + l), (o.onerror = function () { y("Error loading " + l); }); var b = n.getElementsByTagName(t)[0]; b && b.parentNode ? b.parentNode.insertBefore(o, b) : n.head.appendChild(o); })(), (function () { function b() {} function h(b, h, d) { g(b, h, d, 1); } function d(b, d, j) { h("setProperties", { type: b, properties: d }, j); } function j(b, h) { d("user", b, h); } function r(b, h, d) { j( { uid: b, }, d ), h && j(h, d); } (g.identify = r), (g.setUserVars = j), (g.identifyAccount = b), (g.clearUserCookie = b), (g.setVars = d), (g.event = function (b, d, j) { h( "trackEvent", { name: b, properties: d, }, j ); }), (g.anonymize = function () { r(!1); }), (g.shutdown = function () { h("shutdown"); }), (g.restart = function () { h("restart"); }), (g.log = function (b, d) { h("log", { level: b, msg: d }); }), (g.consent = function (b) { h("setIdentity", { consent: !arguments.length || b }); }); })(), (s = "fetch"), (f = "XMLHttpRequest"), (g._w = {}), (g._w[f] = m[f]), (g._w[s] = m[s]), m[s] && (m[s] = function () { return g._w[s].apply(this, arguments); }), (g._v = "2.0.0")); })(window, document, window._fs_namespace, "script", window._fs_script); FS('setProperties', { type: 'page', properties: { environment: 'marketing-website' } }) </script> <script type="text/javascript"> (function() { var didInit = false; function initMunchkin() { if(didInit === false) { didInit = true; Munchkin.init('825-QQZ-896'); } } var s = document.createElement('script'); s.type = 'text/javascript'; s.async = true; s.src = '//munchkin.marketo.net/munchkin.js'; s.onreadystatechange = function() { if (this.readyState == 'complete' || this.readyState == 'loaded') { initMunchkin(); } }; s.onload = initMunchkin; document.getElementsByTagName('head')[0].appendChild(s); })(); /*! * Author: Jon Bourne, Kurt Koller * Company: Digital Pi, digitalpi.com * Copyright: Digital Pi, LLC * License: Released under MIT License. This notice must be included in all uses of this software. * Revised: 2021-11-10 */ (function () { 'use strict'; // sleep time expects milliseconds function sleep (time) { return new Promise(function (resolve) { setTimeout(resolve, time); }); }; /****************** CONFIGURATION VARIABLES ******************/ // Use Marketo's SOAP API names of corresponding UTM fields var utmFields = { 'utm_medium' : 'UTM_Medium__c' , 'utm_source' : 'UTM_Source__c' , 'utm_campaign' : 'UTM_Campaign__c' , 'utm_content' : 'UTM_Content__c' , 'utm_term' : 'UTM_Term__c' , 'utm_adgroup' : 'uTMAdgroup' }; // Use Marketo's SOAP API names of corresponding _original_ UTM fields var utmOrigFields = { 'utm_medium' : 'originalUTMMedium' , 'utm_source' : 'originalUtmSource' }; /**************** DO NOT EDIT BELOW THIS LINE ****************/ var version = '211110'; var cookieName = 'dpi_utmVals'; var cookieOrigName = 'dpi_utmOrigVals'; var cookieExpiry = 180; // in days var cookieDomain = ''; var _ = function(msg) { if(location.hash === '#debug') { console.log(msg); } }; var getQueryVar = function(queryVar) { queryVar = queryVar.replace(/[*+?^$.\[\]{}()|\\\/]/g, "\\$&"); var match = location.search.match(new RegExp("[?&]"+queryVar+"=([^&]+)(&|$)")); return match && decodeURIComponent(match[1].replace(/\+/g, " ")); }; // Cookie CRUD functions from plainjs.com var getCookie = function(name) { var v = document.cookie.match('(^|;) ?' + name + '=([^;]*)(;|$)'); return v ? JSON.parse(window.decodeURIComponent(v[2])) : null; }; var setCookie = function(name, value, days, domain) { var d = new Date(); d.setTime(d.getTime() + 24*60*60*1000*days); var cookieDomain = ''; if(typeof domain === 'string' && domain.length > 0) { cookieDomain = ';domain=.'+domain; } document.cookie = name + "=" + window.encodeURIComponent(JSON.stringify(value)) + ";path=/;expires=" + d.toGMTString() + cookieDomain; }; var deleteCookie = function(name, domain) { setCookie(name, '', -1, domain); }; var getCookieDomain = function() { var dpi_testCookie = 'dpi_test'; var hostname = location.hostname.split('.'); var cookieDomain = ''; for(var i = hostname.length - 1; i >= 0; i--) { cookieDomain = (cookieDomain.length > 0) ? hostname[i] + '.' + cookieDomain : hostname[i]; setCookie(dpi_testCookie,cookieDomain,1,cookieDomain); if(getCookie(dpi_testCookie)) { deleteCookie(dpi_testCookie, cookieDomain); return cookieDomain; } else { if(i===0) { return null; } } } }; var recordNone = function() { _('Checking for ' + cookieOrigName + ' cookie...'); if( getCookie(cookieOrigName) ) { _(cookieOrigName + ' cookie already set; no change'); } else { var tmp = {}; Object.keys(utmOrigFields).forEach(function(k){ tmp[utmOrigFields[k]] = 'none'; }); setCookie(cookieOrigName, tmp , cookieExpiry, cookieDomain ); _('Set ' + cookieOrigName + ' cookie with "none"'); } }; var init = function() { _('Running init() function'); sleep(1000); var queryUtmVals = {}; var queryOrigUtmVals = {}; var qsVar = ''; var qsVarCount = 0; var cookies = [ cookieName , cookieOrigName ]; cookieDomain = getCookieDomain(); _('Cookie domain is ' + cookieDomain); // Create or update tracking cookies _('Checking for query string...'); if(location.search.length) { _('Query string found; searching for UTM parameters and values...'); var utm_param; for( utm_param in utmFields ) { qsVar = getQueryVar(utm_param); if(qsVar) { qsVarCount++; queryUtmVals[ utmFields[ utm_param ] ] = qsVar; } else { queryUtmVals[ utmFields[ utm_param ] ] = 'NULL'; } } for( utm_param in utmOrigFields ) { qsVar = getQueryVar(utm_param); if(qsVar) { queryOrigUtmVals[ utmOrigFields[ utm_param ] ] = qsVar; } else { queryOrigUtmVals[ utmOrigFields[ utm_param ] ] = 'none'; } } if(qsVarCount > 0) { _('Found ' + qsVarCount + ' UTM values in query string'); setCookie(cookieName, queryUtmVals , cookieExpiry, cookieDomain ); _('Set ' + cookieName + ' cookie with ' + qsVarCount + ' UTM values'); _('Checking for ' + cookieOrigName + ' cookie...'); if( getCookie(cookieOrigName) ) { _(cookieOrigName + ' cookie already set; no change'); } else { setCookie(cookieOrigName, queryOrigUtmVals , cookieExpiry, cookieDomain ); _('Set ' + cookieOrigName + ' cookie with ' + Object.keys(queryOrigUtmVals).length + ' UTM values'); } } else { _('No UTM values present in query string'); recordNone(); } } else { _('No query string found'); recordNone(); } // Update form from cookies _('Checking for MktoForms2 API...'); if(typeof MktoForms2 === 'object') { _('MktoForms2 API detected'); MktoForms2.whenReady( function(form) { var f = form.getFormElem()[0]; // form element _('Marketo form detected (#mktoForm_' + form.getId() + ')'); cookies.forEach(function(c) { _('Checking for ' + c + ' cookie...'); if( getCookie(c) ) { _('Found ' + c + ' cookie with ' + Object.keys(getCookie(c)).length + ' UTM values'); _('Adding UTM values from ' + c + ' cookie to Marketo form #mktoForm_' + form.getId() ); form.addHiddenFields( getCookie(c) ); if(!f.getAttribute('digitalpi-utms-added')) f.setAttribute('digitalpi-utms-added',true); } else { _(c + ' cookie not found'); } }); form.onSuccess(function(){ _('Marketo form (#mktoForm_' + form.getId() + ') submitted successfully with UTM data; deleting ' + cookieName + ' cookie'); deleteCookie(cookieName, cookieDomain); }); }); } else { _('MktoForms2 API not detected; exiting'); return false; } }; var global = function() { _('_digitalpi object defined in global scope'); window._digitalpi = window._digitalpi || {}; _('_digitalpi.trackUTMs() defined in global scope'); window._digitalpi.trackUTMs = function() { init(); }; }; var c = function() { var b = '%cUTM Tracking for %cMarketo. %c❤%c, @digitalpi. %cVersion: '+version+'. Append #debug to URL to enable console logging.'; var p = { 1:"WFhYWCAgIFhYWFhYWFhYICAgIFhYWFg=",2:"ICAgIFhYWA==", 3:"WFhYWCAgICAgICBYWFhYICAgIFhYWFg=",4:"ICAgIFhYWFhY", 5:"WFhYWFhYWFhYWFhYWFhYWFhYWFhYWFg=",6:"ICAgIFg=", 7:"WFhYWCAgIFhYICAgWFhYICAgIFhYWFg=" }; var lap = [5,5,3,7,7,3,1,1,5,5,4,2,6]; var la = ''; lap.forEach(function(e){ la+=atob(p[e])+"\n"; }); console.log( b, 'font-weight:bold;color:#646669', 'font-weight:bold;color:#5944b0', 'font-size:125%;color:#3AA5B6', 'color:#3AA5B6', 'font-weight:normal;color:#C4C6C9' ); if(location.hash === '#debug') { console.log( '%c'+la+"%cUTM Tracking for Marketo\n%cAuthor: Jon Bourne, jonbourne.com\nCompany: Digital Pi, digitalpi.com\nVersion: "+version, 'color:#3AA5B6', 'font-weight:bold;color:#3AA5B6', 'color:#C4C6C9' ); } }; if(/complete|interactive|loaded/.test(document.readyState)) { _('Document loaded; calling init()'); c(); init(); global(); } else { _('Document not loaded; setting DOMContentLoaded event listener to call init()'); document.addEventListener('DOMContentLoaded', function() { _('DOMContentLoaded event fired; calling init()'); c(); init(); global(); }); } })(); </script> <link defer href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" crossorigin="anonymous"> <script defer src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-YvpcrYf0tY3lHB60NNkmXc5s9fDVZLESaAA55NDzOxhy9GkcIdslK1eN7N6jIeHz" crossorigin="anonymous"></script> <link defer rel="preconnect" href="https://fonts.googleapis.com"> <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin> <link href="https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&family=JetBrains+Mono:ital,wght@0,100..800;1,100..800&display=swap" rel="stylesheet"> <link href="https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,400..900;1,400..900&display=swap" rel="stylesheet"> <link rel="icon" href="https://semgrep.dev/build/assets/favicon-32x32-CLzO_3Uq.png" type="image/png"> <link rel="icon" href="https://semgrep.dev/build/assets/favicon-CIx-xpG_.svg" type="image/svg"> <title>Semgrep | Homepage</title> <meta name="description" content="We're a startup passionate about improving software security and reliability."> <meta name="keywords" content=""> <meta name="og:locale" content="en_US" /> <meta name="og:type" content="website" /> <meta property="og:title" content="Semgrep | Homepage" /> <meta property="og:description" content="" /> <meta property="og:image" content="/assets/content/global/blog-thumbnail-default.png" /> <meta property="og:site_name" content="Semgrep" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:title" content="Semgrep | Homepage" /> <meta name="twitter:description" content="" /> <meta name="twitter:site" content="@semgrep" /> <meta name="twitter:creator" content="@semgrep" /> <meta name="twitter:domain" content="https://semgrep.dev" /> <meta name="twitter:image" content="/assets/content/global/blog-thumbnail-default.png" /> <link rel="preload" as="style" href="https://semgrep.dev/build/assets/swiperSlider-BwXjGcf2.css" /><link rel="preload" as="style" href="https://semgrep.dev/build/assets/site-D4NGW980.css" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/site--3eWExt6.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/algoliaSearch-CqHK7bdt.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/swiperSlider-ejGSTYYZ.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/lotties-Ck8rVVYN.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/horizontalSwitchPanel-BTBZldXu.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/quoteSlider-3LAs57W3.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/logoCarousel-DWaqatF6.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/productUpdates-CyBzbXRM.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/globalEventDelegator--NI9ZYaP.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/accordionImage-CYZ76r4X.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/teamSlider-CO6WVg1P.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/quoteSlider-CFf4E6o1.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/codeGallery-Dokl9-go.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/tableOfContents-B4e5uSyf.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/nav-C3jd-Qb4.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/popup-CxkHJUOC.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/progressBar-CSBnvZNk.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/blog-DcJl1z8q.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/faq-eAOAKFaN.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/testimonial-1QVPqvtM.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/loadRive-DvlnmRjV.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/algoliasearch-lite.umd-B02VBzHB.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/_commonjsHelpers-Cpj98o6Y.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/utils-CQYuNX0J.js" /><link rel="modulepreload" href="https://semgrep.dev/build/assets/objectWithoutPropertiesLoose-Dsqj8S3w.js" /><link rel="stylesheet" href="https://semgrep.dev/build/assets/swiperSlider-BwXjGcf2.css" /><link rel="stylesheet" href="https://semgrep.dev/build/assets/site-D4NGW980.css" /><script type="module" src="https://semgrep.dev/build/assets/site--3eWExt6.js"></script> <!-- ALGOLIA STYLES --> <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/instantsearch.css@8.3.0/themes/reset-min.css" integrity="sha256-D+cGTF0LVHjuEf+CDRkHeNw/KTHPg47t1AA/qmzxgtA=" crossorigin="anonymous"> </head> <body id="home"> <!-- Google Tag Manager (noscript) --> <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-WSN4QTD" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript> <section class="partial nav mint "> <div class="sticky-wrapper"> <div class="component topbar d-none d-sm-block"> <div class="container-fluid"> <div class="row"> <div class="col-12 flex-wrapper"> <span class="banner d-none d-lg-inline-block"> <p>Attending RSA? We’d love to meet you there! <a href="https://semgrep.dev/rsa">Learn more</a></p> </span> <nav> <a href="/login/">Sign in</a> <a href="/resources/customer-success/">Product support</a> <a href="/contact-us/">Contact us</a> </nav> </div> </div> </div> </div> <div class="component main-nav "> <div class="container-fluid"> <div class="row"> <nav class="col-12 full-screen"> <div class="left-container"> <a class="logo" href="/"> <img src="https://semgrep.dev/build/assets/semgrep-logo-dark-F_zJCZNg.svg" alt="click to navigate to the homepage" /> </a> <ul> <li class=""> <a href="/"> Products <img class="arrow" src="https://semgrep.dev/build/assets/down-arrow-DesGgE7y.svg"> <div class="animated-border"></div> </a> <div class="dropdown-wrapper"> <div class="dropdown multi-col "> <div class="nav-column"> <label class="eyebrow">Products</label> <ul> <li> <a href="/products/semgrep-code"> <img src="/assets/icons/code.svg"> <div> <span>Code</span> <p>Find and fix the issues that matter in your code (SAST)</p> </div> </a> </li> <li> <a href="/products/semgrep-supply-chain"> <img src="/assets/icons/shield.svg"> <div> <span>Supply Chain</span> <p>Find and fix reachable dependency vulnerabilities (SCA)</p> </div> </a> </li> <li> <a href="/products/semgrep-secrets"> <img src="/assets/icons/secrets.svg"> <div> <span>Secrets</span> <p>Find and fix hardcoded secrets with semantic analysis</p> </div> </a> </li> </ul> </div> <div class="nav-column"> <label class="eyebrow">Platform</label> <ul> <li> <a href="/products/semgrep-code/assistant"> <img src="/assets/icons/assistant.svg"> <div> <span>Assistant</span> <p>Get triage and code fix recommendations from AI</p> </div> </a> </li> <li> <a href="/products/semgrep-appsec-platform"> <img src="/assets/icons/cloud.svg"> <div> <span>AppSec Platform</span> <p>Automate, manage, and enforce security across your organization</p> </div> </a> </li> <li> <a href="/products/pro-engine"> <img src="/assets/icons/zap.svg"> <div> <span>Pro Engine</span> <p>Find more true positives and fewer false positives with dataflow analysis</p> </div> </a> </li> </ul> </div> <div class="nav-column"> <label class="eyebrow">Featured</label> <ul> <li> <a href="https://semgrep.dev/explore"> <div> <span>Registry</span> <p>Find rules written by Semgrep and the community</p> </div> </a> </li> <li> <a href="https://semgrep.dev/playground/new"> <div> <span>Playground</span> <p>Write and share rules using our online interactive tool</p> </div> </a> </li> <li> <a href="/products/product-updates"> <div> <span>Product Updates</span> <p>Stay up to date on changes to the Semgrep platform, big and small</p> </div> </a> </li> </ul> </div> </div> </div> </li> <li class=" single-col "> <a href="/"> Solutions <img class="arrow" src="https://semgrep.dev/build/assets/down-arrow-DesGgE7y.svg"> <div class="animated-border"></div> </a> <div class="dropdown-wrapper"> <div class="dropdown "> <div class="nav-column"> <ul> <li> <a href="/solutions/supply-chain-security/"> <img src="/assets/icons/software-supply-chain-security-icon.svg"> <div> <span>Software Supply Chain Security</span> <p>Mitigate software supply chain risks</p> </div> </a> </li> </ul> </div> <div class="nav-column"> <ul> <li> <a href="/solutions/static-application-security-testing/"> <img src="/assets/icons/sast-icon.svg"> <div> <span>Static Application Security Testing</span> <p>Increase security while accelerating development</p> </div> </a> </li> </ul> </div> <div class="nav-column"> <ul> <li> <a href="/solutions/owasp-top-ten/"> <img src="/assets/icons/owasp-t10.svg"> <div> <span>OWASP Top 10</span> <p>Prevent the most critical web application security risks</p> </div> </a> </li> </ul> </div> <div class="nav-column"> <ul> <li> <a href="/solutions/secure-guardrails/"> <img src="/assets/icons/shield-1.svg"> <div> <span>Secure Guardrails</span> <p>Protect Your Code with Secure Guardrails</p> </div> </a> </li> </ul> </div> </div> </div> </li> <li class=""> <a href="/"> Resources <img class="arrow" src="https://semgrep.dev/build/assets/down-arrow-DesGgE7y.svg"> <div class="animated-border"></div> </a> <div class="dropdown-wrapper"> <div class="dropdown multi-col "> <div class="nav-column"> <ul> <li> <a href="/docs/"> <img src="/assets/icons/book.svg"> <div> <span>Docs</span> <p>Want the docs? Start here</p> </div> </a> </li> <li> <a href="/blog/"> <img src="/assets/icons/file-text.svg"> <div> <span>Blog</span> <p>Get the latest news about Semgrep</p> </div> </a> </li> <li> <a href="/resources/calculator/"> <img src="/assets/icons/money.svg"> <div> <span>ROI Calculator</span> <p>See how Semgrep can save you time and money</p> </div> </a> </li> <li> <a href="https://semgrep.slack.com/join/shared_invite/zt-2kyavz0b6-7rgTuOZAV0XiQ2nDynCGrA#/shared-invite/email"> <img src="/assets/icons/calendar.svg"> <div> <span>Community Slack</span> <p>Join the friendly Slack group to ask questions or share feedback</p> </div> </a> </li> </ul> </div> <div class="nav-column"> <ul> <li> <a href="/events/"> <img src="/assets/icons/calendar.svg"> <div> <span>Events</span> <p>Join us at a Semgrep Event!</p> </div> </a> </li> <li> <a href="/case-studies/"> <img src="/assets/icons/file-text.svg"> <div> <span>Case Studies</span> <p>See why users love Semgrep</p> </div> </a> </li> <li> <a href="/resources/customer-success/"> <img src="/assets/icons/money.svg"> <div> <span>Customer Success</span> <p>Get help from Semgrep’s Customer Success team</p> </div> </a> </li> <li> <a href="/events/video-library/"> <img src="/assets/icons/zap.svg"> <div> <span>Video Library</span> <p>View our library of on-demand webinars</p> </div> </a> </li> </ul> </div> <div class="nav-column"> <label class="eyebrow">Featured</label> <ul> <li> <a href="/resources/semgrep-vs-snyk/"> <div> <label class="green">Comparison</label> <span>Semgrep vs. Snyk</span> <p>Learn how Semgrep improves accuracy, saves time, and delivers a superior developer experience.</p> </div> </a> </li> <li> <a href="/blog/2024/appsec-guides-not-gates-introducing-secure-guardrails-with-semgrep/"> <div> <label class="green">Blog</label> <span>AppSec guides, not gates: Introducing secure guardrails with Semgrep</span> <p></p> </div> </a> </li> <li> <a href="/blog/2025/maturing-your-application-security-program-survey/"> <div> <label class="green">Blog</label> <span>Maturing Your Application Security Program Survey</span> <p></p> </div> </a> </li> </ul> </div> </div> </div> </li> <li class=" single-col "> <a href=""> Company <img class="arrow" src="https://semgrep.dev/build/assets/down-arrow-DesGgE7y.svg"> <div class="animated-border"></div> </a> <div class="dropdown-wrapper"> <div class="dropdown "> <div class="nav-column"> <ul> <li> <a href="/about/"> <img src="/assets/icons/rocket-icon.svg"> <div> <span>About</span> <p>The Semgrep story & values</p> </div> </a> </li> </ul> </div> <div class="nav-column"> <ul> <li> <a href="/about/careers/"> <img src="/assets/icons/briefcase-icon.svg"> <div> <span>Careers</span> <p>Join the team!</p> </div> </a> </li> </ul> </div> <div class="nav-column"> <ul> <li> <a href="/partners/"> <img src="/assets/icons/handshake-icon.svg"> <div> <span>Partners</span> <p>Become a Semgrep partner</p> </div> </a> </li> </ul> </div> </div> </div> </li> <li class=" single-col "> <a href="/pricing/"> Pricing <div class="animated-border"></div> </a> </li> </ul> </div> <!-- CTA BUTTONS --> <div class="molecule buttons"> <a class="molecule button primary " href="/contact/demo"> Book demo </a> <a class="molecule button secondary " href="/login"> Try for free </a> </div> </nav> <nav class="col-12 mobile"> <a class="logo" href="/"> <img src="https://semgrep.dev/build/assets/semgrep-logo-dark-F_zJCZNg.svg" alt="click to navigate to the homepage" /> </a> <div class="right-container"> <div class="d-none d-sm-inline-block"> <div class="molecule buttons"> <a class="molecule button primary " href="/contact/demo"> Book demo </a> <a class="molecule button secondary " href="/login"> Try for free </a> </div> </div> <div class="mobile-button"> <img src="https://semgrep.dev/build/assets/menu-Cev7CaPt.svg" class="menu-icon"> <img src="https://semgrep.dev/build/assets/close-94g2KY78.svg" class="close-icon"> </div> </div> </nav> </div> </div> </div> <div id="mobile-nav"> <ul> <li> <a data-click="expand" > Products <img class="arrow" src="https://semgrep.dev/build/assets/down-arrow-DesGgE7y.svg"> </a> <ul> <li> <img src="/assets/icons/code.svg"> <div class="right-col"> <a href="/products/semgrep-code/">Semgrep Code</a> <p>Find and fix the issues that matter in your code (SAST)</p> </div> </li> <li> <img src="/assets/icons/shield.svg"> <div class="right-col"> <a href="/products/semgrep-supply-chain/">Semgrep Supply Chain</a> <p>Find and fix reachable dependency vulnerabilities (SCA)</p> </div> </li> <li> <img src="/assets/icons/secrets.svg"> <div class="right-col"> <a href="/products/semgrep-secrets/">Semgrep Secrets</a> <p>Find and fix hardcoded secrets with semantic analysis</p> </div> </li> <li> <img src="/assets/icons/assistant.svg"> <div class="right-col"> <a href="/products/semgrep-code/assistant/">Semgrep Assistant</a> <p>Get triage and code fix recommendations from AI</p> </div> </li> <li> <img src="/assets/icons/cloud.svg"> <div class="right-col"> <a href="/products/semgrep-appsec-platform/">Semgrep AppSec Platform</a> <p>Automate, manage, and enforce security across your organization</p> </div> </li> <li> <img src="/assets/icons/zap.svg"> <div class="right-col"> <a href="/products/pro-engine/">Semgrep Pro Engine</a> <p>Find more true positives and fewer false positives with dataflow analysis</p> </div> </li> <li> <div class="right-col"> <a href="/products/product-updates/">Product Updates</a> <p>Stay up to date on changes to the Semgrep platform, big and small</p> </div> </li> </ul> </li> <li> <a data-click="expand" > Solutions <img class="arrow" src="https://semgrep.dev/build/assets/down-arrow-DesGgE7y.svg"> </a> <ul> <li> <img src="/assets/icons/software-supply-chain-security-icon.svg"> <div class="right-col"> <a href="/solutions/supply-chain-security/">Software supply chain security</a> <p>Mitigate software supply chain risks</p> </div> </li> <li> <img src="/assets/icons/sast-icon.svg"> <div class="right-col"> <a href="/solutions/static-application-security-testing/">Static application security testing</a> <p>Increase security while accelerating development</p> </div> </li> <li> <img src="/assets/icons/owasp-t10.svg"> <div class="right-col"> <a href="/solutions/owasp-top-ten/">OWASP Top 10</a> <p>Prevent the most critical web application security risks</p> </div> </li> </ul> </li> <li> <a data-click="expand" > Resources <img class="arrow" src="https://semgrep.dev/build/assets/down-arrow-DesGgE7y.svg"> </a> <ul> <li> <img src="/assets/icons/book.svg"> <div class="right-col"> <a href="/docs/">Docs</a> <p>Want to read all the docs? Start here</p> </div> </li> <li> <img src="/assets/icons/file-text.svg"> <div class="right-col"> <a href="/blog/">Blog</a> <p>Get the latest news about Semgrep</p> </div> </li> <li> <img src="/assets/icons/money.svg"> <div class="right-col"> <a href="/resources/calculator/">ROI Calculator</a> <p>See how Semgrep can save you time and money</p> </div> </li> <li> <img src="/assets/icons/calendar.svg"> <div class="right-col"> <a href="https://semgrep.slack.com/join/shared_invite/zt-2kyavz0b6-7rgTuOZAV0XiQ2nDynCGrA#/shared-invite/email">Community Slack</a> <p>Join the friendly Slack group to ask questions or share feedback</p> </div> </li> <li> <img src="/assets/icons/calendar.svg"> <div class="right-col"> <a href="/events/">Events</a> <p>Join us at a Semgrep Event!</p> </div> </li> <li> <img src="/assets/icons/file-text.svg"> <div class="right-col"> <a href="/case-studies/">Case Studies</a> <p>See why users love Semgrep</p> </div> </li> <li> <img src="/assets/icons/zap.svg"> <div class="right-col"> <a href="/events/video-library/">Video Library</a> <p>View our library of on-demand webinars</p> </div> </li> </ul> </li> <li> <a data-click="expand" > Company <img class="arrow" src="https://semgrep.dev/build/assets/down-arrow-DesGgE7y.svg"> </a> <ul> <li> <img src="/assets/icons/rocket-icon.svg"> <div class="right-col"> <a href="/about/">About</a> <p>The Semgrep story & values</p> </div> </li> <li> <img src="/assets/icons/briefcase-icon.svg"> <div class="right-col"> <a href="/about/careers/">Careers</a> <p>Join the team!</p> </div> </li> <li> <img src="/assets/icons/handshake-icon.svg"> <div class="right-col"> <a href="/partners/">Partners</a> <p>Become a Semgrep partner</p> </div> </li> </ul> </li> <li> <a href="/pricing/" > Pricing </a> </li> <li> <a href="/login/" > Sign in </a> </li> <li> <a href="/resources/customer-success/" > Product support </a> </li> <li> <a href="/contact-us/" > Contact us </a> </li> <li class="buttons"> <div class="molecule buttons"> <a class="molecule button primary " href="/contact/demo"> Book demo </a> <a class="molecule button secondary " href="/login"> Try for free </a> </div> </li> </ul> </div> </div> </section> <section class="mint-component hero padding-horizontal padding-top-400 bg-mint-basewhite-up homepage-class "> <div class="container-fluid hero-container"> <div class="row align-items-center row-gap-5"> <div class="col-12 "> <div class="content"> <h1 class="mint "><p>Meet Your New<br /> <strong>AI AppSec Engineer</strong></p> </h1> <div class="subheader green-checklists"><p>All the insights from static analysis. None of the false positives.</p> </div> <div class="molecule buttons"> <a class="molecule button primary with-arrow mint" href="https://semgrep.dev/products/semgrep-code/assistant"> Do more with Semgrep Assistant </a> </div> </div> </div> <div style="display: flex; justify-content: center; margin-bottom: 40px;" id="rive-container"> <div class="rive-container js-load-rive" style="position: relative; width: 100%; max-width: 1170px; height: 334px; aspect-ratio: 1170 / 334; " data-rive-url="/assets/assistant-hero.riv" data-artboard="1170x334 - V2" data-state-machine="State Machine 1"> <canvas id="rive-canvas" class="rive rive-canvas" style="position: absolute; left: 0; top: 0; width: 100%; height: 100%; object-fit: cover; "> </canvas> </div> </div> </div> </div> </section> <section class="mint-component logo-carousel bg-mint-200 padding-vertical-200-static grayscale "> <label class="eyebrow large">loved by leading engineering teams</label> <div class="parent"> <div class="d-flex"> <div class="d-flex flex-row py-5 align-items-flex-start" id="logo-carousel"> <img src="/assets/logos/a.storyblok.webp" /> <img src="/assets/logos/dropbox-svg.svg" /> <img src="/assets/logos/snowflake-logo.svg" /> <img src="/assets/logos/hashicorp.svg" /> <img src="/assets/logos/trail-of-bits-logo.svg" /> <img src="/assets/logos/gitlab-full.svg" /> <img src="/assets/logos/figma-logo.svg" /> <img src="/assets/logos/a.storyblok.webp" /> <img src="/assets/logos/dropbox-svg.svg" /> <img src="/assets/logos/snowflake-logo.svg" /> <img src="/assets/logos/hashicorp.svg" /> <img src="/assets/logos/trail-of-bits-logo.svg" /> <img src="/assets/logos/gitlab-full.svg" /> <img src="/assets/logos/figma-logo.svg" /> </div> </div> </div> </section> <section class="mint-component header padding-horizontal padding-vertical-400 bg-neutral-50 text-align-center "> <div class="container-fluid"> <div class="row"> <div class="col-12 content"> <h2><p>Developers trust findings from Semgrep</p> </h2> <div class="subheader"> </div> </div> </div> </div> </section> <section class="mint-component two-col-info padding-horizontal padding-vertical-400 bg-neutral-50"> <div class="container-fluid"> <div class="row"> <div class="col-12 col-lg-6"> <div class="content"> <h3><p>Say goodbye to <strong>false positives</strong></p> </h3> <ul> <li>Get findings you feel confident bringing to developers across <strong>SAST</strong>, <strong>SCA</strong>, and <strong>Secrets</strong> scanning</li> <li>Filter out the false positives that traditional SAST tools <strong><em>always</em></strong> flag with contextual, AI-powered noise filtering</li> <li>Reduce false positives in high/critical dependency vulnerabilities by <strong>up to 98%</strong> with dataflow reachability analysis</li> </ul> <div class="molecule buttons"> </div> </div> </div> <div class="col-12 col-lg-6"> <div class="image" style="background-image: url('/assets/content/homepage/sg-home-sb-01.svg')"></div> </div> </div> </div> </section> <section class="mint-component two-col-info padding-horizontal reversed padding-vertical-400 bg-neutral-50"> <div class="container-fluid"> <div class="row"> <div class="col-12 col-lg-6"> <div class="content"> <h3><p>Eliminate <strong>developer friction</strong></p> </h3> <ul> <li>Automatically hide likely false positives from developers with AI powered noise filtering</li> <li>Give developers tailored remediation guidance + code fixes at scale with Semgrep Assistant</li> <li>Present findings and fixes to developers in their native workflows (PR comments, Jira, IDE)</li> </ul> <div class="molecule buttons"> </div> </div> </div> <div class="col-12 col-lg-6"> <div class="image" style="background-image: url('/assets/content/homepage/sg-home-sb-02.svg')"></div> </div> </div> </div> </section> <section class="mint-component two-col-info padding-horizontal padding-bottom-400 bg-neutral-50"> <div class="container-fluid"> <div class="row"> <div class="col-12 col-lg-6"> <div class="content"> <h3><p>Easily <strong>operationalize and scale</strong></p> </h3> <ul> <li>Get custom SAST <strong>without the customization</strong> - Assistant codifies security-relevant context based on human triage</li> <li>Programmatically eliminate <strong>OWASP Top Ten</strong> issues with policies, guardrails, and AI-powered fixes</li> <li><strong>Automate routine triage</strong> and remediation with Assistant, so you can focus on scaling your AppSec program</li> </ul> <div class="molecule buttons"> </div> </div> </div> <div class="col-12 col-lg-6"> <div class="image" style="background-image: url('/assets/content/homepage/sg-home-sb-03.svg')"></div> </div> </div> </div> </section> <section class="mint-component static-logos padding-vertical-600 bg-neutral-50 "> <div class="container-fluid"> <div class="row"> <div class="col-12 text-center wrapper"> <label class="eyebrow large">works with over 30+ frameworks and technologies</label> <div class="logo-container "> <div class="logo"> <img src="/assets/logos/python-logo.svg" alt=""/> </div> <div class="logo"> <img src="/assets/logos/js.png" alt=""/> </div> <div class="logo"> <img src="/assets/logos/typescript-logo.svg" alt=""/> </div> <div class="logo"> <img src="/assets/logos/go.png" alt=""/> </div> <div class="logo"> <img src="/assets/logos/ruby.svg" alt=""/> </div> <div class="logo"> <img src="/assets/logos/github-logo.svg" alt=""/> </div> <div class="logo"> <img src="/assets/logos/gitlab-logo.svg" alt=""/> </div> <div class="logo"> <img src="/assets/logos/circleci.svg" alt=""/> </div> <div class="logo"> <img src="/assets/logos/jenkins.svg" alt=""/> </div> </div> </div> </div> </div> </section> <section class="mint-component icon-grid padding-vertical-400 bg-mint-offwhite-up padding-horizontal"> <div class="container-fluid"> <div class="row flex-container"> <div class="col-12 col-lg-6"> <header> <h2 class="h3"><p>Custom-tailored, <strong>without the customization</strong></p> </h2> </header> </div> <div class="col-12"> <div class="entries "> <div class="mint-molecule icon-grid-entry"> <img src="/assets/icons/fi-customizable.svg"> <h5>Adaptable</h5> <div class="body"> <p>Whether you're an AppSec team of one, one thousand, or anywhere in between, Semgrep provides the exact capabilities you need <strong>without complex configuration</strong>.</p> </div> </div> <div class="mint-molecule icon-grid-entry"> <img src="/assets/icons/fi-extensible.svg"> <h5>Extensible</h5> <div class="body"> <p>Semgrep runs anywhere you need it, from CLI to CI/CD. Findings can be surfaced in developer workflows, the Semgrep AppSec Platform, or in your existing tools via API.</p> </div> </div> <div class="mint-molecule icon-grid-entry"> <img src="/assets/icons/fi-transparent.svg"> <h5>Transparent</h5> <div class="body"> <p>Semgrep was designed from the ground up with transparency as a foundational principal. From its simple, code-like rules to its AI capabilities, <strong>everything is visible and easy to troubleshoot</strong>.</p> </div> </div> <div class="mint-molecule icon-grid-entry"> <img src="/assets/icons/fi-fast.svg"> <h5>Ludicrously Fast</h5> <div class="body"> <p>Semgrep's median CI scan time is 10 seconds, and even advanced analyses run faster than a developer's commit-flow.</p> </div> </div> </div> </div> </div> </div> </section> <section class="mint-component quote-slider padding-vertical-600 bg-neutral-50"> <div class="container-fluid"> <div class="row"> <div class="col-12"> <div class="wrapper"> <div class="controls"> <div class="button left inactive" data-value="-1"><img src="https://semgrep.dev/build/assets/arrow-backward-B4oAzxRG.svg"></div> <div class="button right" data-value="1"><img src="https://semgrep.dev/build/assets/arrow-forward-DuyDxbNc.svg"></div> </div> <div class="slide-container"> <div class="slide"> <div class="content"> <img class="logo" src="/assets/logos/thinkific-svg-logo.svg"> <div class="quote"> "<p>Getting developers aligned on a SAST product and having them actually use it is the hardest part of the job for an AppSec Engineer. We were able to achieve this with Semgrep Code.</p> " </div> </div> <div class="bio"> <img src="/assets/people/aleksandr-krasnov.jpeg"> <div class="info"> <div class="name"><strong>Aleksandr Krasnov</strong></div> <div class="title">Staff Security Engineer, Thinkific</div> </div> </div> </div> <div class="slide"> <div class="content"> <img class="logo" src="/assets/logos/figma-logo.svg"> <div class="quote"> "<p>Figmates get actionable security feedback in their PRs, while rule analytics give security feedback on their effectiveness. The simple syntax lets us extend Semgrep to catch new [vulnerabilities], going from idea to live in an hour.</p> " </div> </div> <div class="bio"> <img src="/assets/people/dev-ahkawe.png"> <div class="info"> <div class="name"><strong>Dev Ahkawe</strong></div> <div class="title">Head of Security, Figma</div> </div> </div> </div> </div> </div> </div> </div> </div> </section> <section class="mint-component two-col-cta padding-horizontal padding-vertical-600 bg-mint-offwhite-up"> <div class="container-fluid"> <div class="row"> <div class="col-12 wrapper"> <div class="content"> <h2 class="h1"><p><strong>Shift left</strong> without<br /> the developer<br /> productivity tax.</p> </h2> <div class="molecule buttons"> <a class="molecule button primary " href="/contact/demo"> Book a demo </a> <a class="molecule button secondary " href="/login"> Learn more </a> </div> </div> <div class="mint-molecule quote"> <div class="bio"> <img src="/assets/people/rob-picard.jpg"> <div class="info"> <div class="name"><strong>Rob Picard</strong></div> <div class="title">Security Lead, Vanta</div> </div> </div> <div class="quote"> "<p>It's easy enough to write rules for Semgrep that security and other engineering teams use it to solve complex problems. This flexibility is a huge win, and the library of managed rules means we only have to write our own when we have custom problems.</p> " </div> </div> </div> </div> </div> </div> </section> <footer class="mint"> <div class="container-fluid"> <div class="row"> <div class="col-12"> <div class="left-container"> <div class="logo-wrapper"> <img src="https://semgrep.dev/build/assets/semgrep-logo-light-C4TAJLKl.svg" alt="return home" /> <strong>Protect your code with secure guardrails</strong> </div> <div class="review"> <img src="https://semgrep.dev/build/assets/g2-logo-4xSt8VmV.svg" /> <img src="https://semgrep.dev/build/assets/4-half-stars-ZxI_Rf63.svg" /> </div> </div> <nav> <ul> <li class="header">Products</li> <li><a href="/products/semgrep-code/">Semgrep Code</a></li> <li><a href="/products/semgrep-supply-chain/">Semgrep Supply Chain</a></li> <li><a href="/products/semgrep-appsec-platform/">Semgrep AppSec Platform</a></li> <li><a href="/products/pro-engine/">Semgrep Pro Engine</a></li> </ul> <ul> <li class="header">Solutions</li> <li><a href="/solutions/supply-chain-security/">Software supply chain security</a></li> <li><a href="/solutions/static-application-security-testing/">Static application security testing</a></li> <li><a href="/solutions/owasp-top-ten/">OWASP Top 10</a></li> <li><a href="/solutions/secure-guardrails/">Secure Guardrails</a></li> </ul> <ul> <li class="header">Resources</li> <li><a href="/docs/">Docs</a></li> <li><a href="/pricing/">Pricing</a></li> <li><a href="/blog/">Blog</a></li> <li><a href="/docs/getting-started/quickstart/">Getting started with Semgrep</a></li> <li><a href="/explore/">Registry</a></li> <li><a href="/playground/new/">Playground</a></li> <li><a href="/resources/calculator/">ROI Calculator</a></li> <li><a href="/contact/demo/">Book a demo</a></li> <li><a href="/docs/support/">Help Center</a></li> </ul> <ul> <li class="header">Company</li> <li><a href="/about/">About</a></li> <li><a href="/about/careers/">Careers</a></li> <li><a href="/contact-us/">Contact</a></li> </ul> </nav> </div> </div> <div class="row"> <div class="col-12"> <hr /> </div> </div> <div class="row"> <div class="col-12"> <div class="socials-wrapper"> <div class="text-wrapper"> <h4>Stay up to date</h4> <span>Subscribe to our newsletter</span> </div> <form> <input type="email" placeholder="Enter your email" class="dark"> <input type="submit" class="button primary" value="Subscribe"> </form> <div class="logos"> <a href="https://x.com/semgrep" target="_blank"><img src="https://semgrep.dev/build/assets/twitter-logo-green-BQpgXluv.svg" alt="connect on twitter"></a> <a href="https://go.semgrep.dev/slack" target="_blank"><img src="https://semgrep.dev/build/assets/slack-logo-green-DabQef3I.svg" alt="connect on slack"></a> <a href="https://github.com/semgrep/semgrep" target="_blank"><img src="https://semgrep.dev/build/assets/github-logo-green-DVqynhSi.svg" alt="connect on github"></a> <a href="https://www.youtube.com/c/semgrep" target="_blank"><img src="https://semgrep.dev/build/assets/youtube-logo-green-Df4B_oJ4.svg" alt="connect on youtube"></a> </div> </div> </div> </div> <div class="row"> <div class="col-12"> <div class="legal-wrapper"> <span> © 2025 Semgrep, Inc. Semgrep is a registered trademark of Semgrep, Inc. </span> <div class="legal-links"> <a href="/legal/terms">Website terms</a> &middot; <a href="/legal/privacy">Privacy</a> </div> </div> </div> </div> </div> </footer> </body> </html>