Semgrep

It was a pleasure to have Mark Lindsey, Jerry Sheehan, and Mulinge Sylvia M.B.S join Dr. Katie Paxton-Fear, on the panel “The Dark Side of AI” at #MWC26. Want to know what’s next? Check out our events page 👇 https://lnkd.in/g6YufSqa

How do you scale security without killing engineering speed? Learn how Sola Security uses Semgrep to automate secure coding without adding friction. Discover why they chose Semgrep for high-fidelity interfile analysis. Read the full case study here: 👇  https://lnkd.in/gKyNcARn

In case you missed it, last week we hosted our first virtual keynote, Semgrep Secure 2026: Code Security Rebuilt for the AI Era. 🌀 We introduced a multimodal AppSec engine that combines deterministic analysis with LLM reasoning to eliminate false positives and uncover deeper, context-aware vulnerabilities. It’s not AI layered on top, it’s AppSec rebuilt for how code is written today.  Check out the recording👇

You can write a Semgrep rule to catch hardcoded JWT secrets in under 2 minutes. To run it against your code: semgrep scan --config jwt-rule.yml ./src This catches every instance where a developer passed a string literal as the signing key instead of pulling from an env variable or secret manager, pretty handy!

Last week, the team headed to Utah for the Après Cyber Slopes Summit and to Seattle for BSides.🚀 Huge thanks to everyone who stopped by our table at the Après Cyber Slopes Summit to say hello, to those who joined us at SPIN Seattle to kick off BSides with Formal and to everyone who came to see Kurt Boberg and Max vonBlankenburg speak in Seattle. We’re incredibly grateful to be part of this community and for the chance to connect with so many folks in person. Curious where we’re headed next? Visit our events page: https://lnkd.in/g6YufSqa

Want to write code that’s secure by design? 🛡️ Check out the Semgrep Cheat Sheets, a collection of language-specific guides to help you mitigate common risks and master secure coding in your favorite frameworks. 🔵 Python, Java, JavaScript, Go, Ruby, and more. Access the guides👇 https://lnkd.in/gNj7MrRt #AppSec #SecureCode

Semgrep Code is designed to move security at the speed of development through four key stages: 1️⃣ Unified Detection: Combines SAST with AI to catch everything from classic SQLi to complex business-logic flaws. 2️⃣ Noise Reduction: Semgrep Assistant filters out 20% of false positives on day one by understanding your code's context. 3️⃣ Developer Remediation: Shifts security left with AI-generated fixes and step-by-step instructions directly in the PR. 4️⃣ Organizational Memory: Learns from your triage decisions so you never have to review the same issue twice. Stop chasing noise and start scaling your security program. Learn more about Semgrep Code👇 https://lnkd.in/gvR_C2XM

Imagine an AI that reasons like a security engineer with the context of your lead developer.  Semgrep’s retrieval systems give any LLM the repo-specific nuance it needs to be reliable.👇 #AppSec

We are excited to share that The WOMEN IN SECURITY Documentary, directed by Yvette Freeman, will premiere at RSAC in San Francisco this year, and Semgrep is honored to be a sponsor. This powerful film highlights the women redefining leadership, innovation, and impact across the cybersecurity industry. Join us for an evening of storytelling, community, and inspiration. 📆Tuesday, March 24 & Wednesday, March 25 🕜 4:00 – 6:00 pm 📍AMC Metreon 16 | San Francisco Register to attend👇 https://lnkd.in/gXr_QB4n

Open source software offers unparalleled transparency, but does it also come with heightened security risks? Is open source the key to seamless security, or does it open the door to potential threats? Dr Katie Paxton-Fear discusses the debate on open source security, and how a single phishing email cascaded into a widespread vulnerability. #Technology #Security #OpenSourceDevelopment