Work Here?
About Semgrep
Industries
Enterprise Software
Cybersecurity
Company Size
51-200
Company Stage
Series D
Total Funding
$187.7M
Headquarters
San Francisco, California
Founded
2017
Overview
Semgrep provides a software solution that helps security engineers and developers find and fix vulnerabilities in their code before it is deployed. The tool integrates into existing workflows and ticketing systems, offering actionable insights that allow developers to trust and act on the results. One of its standout features is the ability to reduce false positives in open-source vulnerabilities by up to 98% through reachability analysis, ensuring that only real threats are flagged. Semgrep's tool is designed for speed, with average scan times of less than 5 minutes and median CI scan times of just 10 seconds, which enhances productivity for engineering teams. Unlike many competitors, Semgrep focuses on delivering accurate results with minimal noise, making it a reliable choice for teams looking to secure their software development life cycle. The goal of Semgrep is to empower engineering teams to proactively manage security risks and improve their software delivery processes.
Simplify's Take
What believers are saying
- Increased demand for integrated security solutions in CI/CD pipelines boosts Semgrep's market relevance.
- The rise of supply chain attacks heightens the need for Semgrep's third-party dependency detection.
- The shift towards DevSecOps aligns with Semgrep's focus on developer-friendly security tools.
What critics are saying
- Increased competition from Snyk and GitHub's CodeQL could impact Semgrep's market position.
- Over-reliance on funding rounds may lead to financial instability if future rounds falter.
- Rapid technological changes in cybersecurity could render Semgrep's tools obsolete without innovation.
What makes Semgrep unique
- Semgrep reduces false positives in vulnerabilities by up to 98% with reachability analysis.
- The tool integrates seamlessly into existing workflows, enhancing SDLC processes for engineering teams.
- Semgrep's average scan time is under 5 minutes, with a median CI scan time of 10 seconds.
Help us improve and share your feedback! Did you find this helpful?
Funding
Total Funding
$187.7M
Meets
Industry Average
Funded Over
4 Rounds
Lightspeed Venture PartnersIndustry standards
Benefits
Health Insurance
Paid Vacation
401(k) Retirement Plan
Professional Development Budget
Flexible Work Hours
Remote Work Options
Growth & Insights and Company News
6 month growth
↑ 1%1 year growth
↑ 0%2 year growth
↑ 16%Semgrep, a leading application security platform, has secured $100 million in Series D funding, led by Menlo Ventures with participation from existing
Announcing our $53M Series C led by Lightspeed Venture Partners
Recognizing the value of deeper vulnerability detection, today R2c is announcing DeepSemgrep for Java and Ruby.
When R2c began developing Semgrep that was its main focus, and R2c knew that lightweight static analysis, based on syntax-aware matching, would excel at enforcing secure defaults.
This morning r2c, a startup building a SaaS service around the Semgrep open-source project, announced that it has closed a $27 million Series B. Felicis led the round, which the company said was a pre-emptive deal.
Semgrep is Hiring for 0 Jobs on Simplify!
Find jobs on Simplify and start your career today
About Semgrep
Industries
Enterprise Software
Cybersecurity
Company Size
51-200
Company Stage
Series D
Total Funding
$187.7M
Headquarters
San Francisco, California
Founded
2017
Semgrep is Hiring for 0 Jobs on Simplify!
Find jobs on Simplify and start your career today