Work Here?
About Semgrep
Industries
Data & Analytics
Enterprise Software
Cybersecurity
Company Size
201-500
Company Stage
Series D
Total Funding
$193M
Headquarters
San Francisco, California
Founded
2017
Overview
Semgrep provides a security scanning tool that helps software teams identify vulnerabilities in code before production. It works by analyzing code with Semgrep OSS and Pro Engine and integrates into developers’ workflows and ticketing systems for actionable insights. It reduces noise by using reachability analysis to cut false positives from open-source vulnerabilities by up to 98% and achieves fast scans—average under 5 minutes with a 10-second median CI scan. Its goal is to help engineering teams ship secure software faster by continuously finding and fixing vulnerabilities during the SDLC.
Simplify's Take
What believers are saying
- Menlo Ventures leads $100M Series D in February 2025 for AI expansion.
- Cathy Polinsky hired as co-CTO in 2025 scales hybrid LLM engineering.
- OpenAI program selection secures Snowflake, Figma, Dropbox customers.
What critics are saying
- Snyk siphons SCA revenue via superior GitHub and IDE integrations.
- GitHub Copilot free scanning commoditizes Semgrep within 18-24 months.
- Microsoft AI investments embed security in Copilot, destroying standalone demand.
What makes Semgrep unique
- Semgrep Multimodal combines AI reasoning and rule-based analysis for 8x more vulnerabilities.
- Semgrep cuts false positives 98% with reachability analysis on third-party dependencies.
- Semgrep delivers scans in under 5 minutes, median CI at 10 seconds.
Help us improve and share your feedback! Did you find this helpful?
Funding
Total Funding
$193M
Meets
Industry Average
Funded Over
4 Rounds
Lightspeed Venture Partners
Menlo VenturesIndustry standards
Benefits
Health Insurance
Paid Vacation
401(k) Retirement Plan
Professional Development Budget
Flexible Work Hours
Remote Work Options
Growth & Insights and Company News
6 month growth
↑ 0%1 year growth
↑ 2%2 year growth
↑ 0%Semgrep has launched Semgrep Multimodal, a code security system combining AI reasoning with rule-based analysis for vulnerability detection, triage and remediation. The system finds up to eight times more true positives whilst cutting noise by 50% compared to foundation models alone, and has discovered dozens of zero-day vulnerabilities at customer sites. Built on Semgrep Workflows, the framework enables security teams to automate processes using deterministic tools and AI. Traditional rule-based scanners excel at catching known vulnerabilities but struggle with business logic flaws, whilst LLMs alone produce high false positive rates. Semgrep Multimodal addresses both dimensions by pairing precise programme analysis with LLM reasoning. Semgrep Multimodal is available today, with custom workflows accessible via private beta. Companies including Snowflake, Figma and Dropbox use Semgrep's platform.
Semgrep, a leading application security platform, has secured $100 million in Series D funding, led by Menlo Ventures with participation from existing
Announcing our $53M Series C led by Lightspeed Venture Partners
Recognizing the value of deeper vulnerability detection, today R2c is announcing DeepSemgrep for Java and Ruby.
When R2c began developing Semgrep that was its main focus, and R2c knew that lightweight static analysis, based on syntax-aware matching, would excel at enforcing secure defaults.
There are no jobs for Semgrep right now.
Find jobs on Simplify and start your career today
About Semgrep
Industries
Data & Analytics
Enterprise Software
Cybersecurity
Company Size
201-500
Company Stage
Series D
Total Funding
$193M
Headquarters
San Francisco, California
Founded
2017
There are no jobs for Semgrep right now.
Find jobs on Simplify and start your career today