Semgrep

As LLMs and AI-powered IDEs like Cursor are transforming how we code, security tools haven’t kept up. That's why we built our MCP server, which gives LLMs the ability to use Semgrep (kind of like how ChatGPT uses Python for math). If the LLM is your pair programmer in the IDE, think of Semgrep as its security brain - making sure everything it outputs is secure by default. 💡 Imagine this: You’re generating code, and MCP is quietly scanning it for vulnerabilities, bugs, and secrets in real-time — no context switching, no copy-pasting from another terminal. 🔗 https://lnkd.in/gTUEfxQ2 #AI #appsec #devops #infosec #cybersecurity

Ever heard of LLM poisoning? 🤔 Recently, Leif Dreizler joined Travis McPeak (Resourcely) and William Bengtson (HashiCorp) on the 404 Security Not Found podcast to discuss how misinformation websites are intentionally spreading fake news to influence AI model responses. Leif also shares some exciting upcoming Semgrep events that you won’t want to miss! 🎧 Listen to the full episode here: https://lnkd.in/eJcgZ7kX #AI #appsec #infosec #devops #cybersecurity

Take control of sensitive code without developer frustration! 💻 Semgrep’s Supply Chain Policies give AppSec teams fine-grained control over security policies, ensuring stronger security without slowing down developers. Key Benefits: 🔐 Granular control over pull requests ⚙️ Seamless integration into CI/CD workflows 📉 Reduced noise & focused security efforts ⏳ Time savings for AppSec teams Discover how to strengthen your security while maintaining developer velocity: https://lnkd.in/gRsHbd-T #AppSec #SupplyChainSecurity #DevSecOps #CyberSecurity #Semgrep #CodeSecurity

Looking to level-up your web security? 🤔 Our Security Headers course is now live in the Semgrep Academy! Learn from Scott Helme & Tanya Janca how to protect your apps with browser security headers. Register for FREE: https://lnkd.in/gcFq8e-Q 🔥And don’t miss our LIVE Fireside Chat: Mastering Security Headers! Join Scott & Tanya on March 22nd at 9AM PT for a deep dive into security headers, where they’ll expand on what you’ll learn in the course, share real-world insights, and answer your questions live! Secure your spot: https://lnkd.in/gjYqaN_K #WebSecurity #SecurityHeaders #SemgrepAcademy #AppSec #CyberSecurity

Headed to RSA this year? 🤔 What are you most excited about if so? Drop us a comment! Here at Semgrep, we’re equally excited about some of our joint events we’re hosting with partners like ArmorCode Inc., Code Red Partners, ProjectDiscovery, Prophet Security, the book signings that Tanya Janca will be hosting daily in our booth 📚 along with her session talks, and the new product demos we’ll be giving at our booth, including new features and integrations, like our Wiz integration! 🚀 Sign-up for one of our events or stop by booth 2051 to say hi! 👋 https://semgrep.dev/rsa/ #RSAC #cybersecurity #AppSec #InfoSec #DevSecOps

🚀 5 Ways SAST & SCA Help Fintech Innovate Securely 🚀 Fintech companies need secure, scalable solutions to stay ahead, and Semgrep’s SAST and SCA tools provide exactly that. Here’s how they help protect customer data, ensure compliance, and drive efficiency: 1️⃣ Secure code is compliant code – Meet regulatory frameworks like DORA, SOC2, and FedRAMP effortlessly. 2️⃣ Protect users by protecting fintech – Prevent data breaches and build trust by securing sensitive information. 3️⃣ Drive efficiency in AppSec – Seamless integrations and reduced false positives help AppSec teams focus on what matters. 4️⃣ Ensure Confidentiality, Integrity, and Availability (CIA) – Safeguard your customers’ data with precise security insights. 5️⃣ Get out of developers’ way – Empower developers with AI-powered guidance to accelerate development without compromising security. Read our blog to learn more: https://lnkd.in/gNaApmmx #Fintech #SAST #SCA #AppSec #CyberSecurity #SecureDevelopment #DataProtection

Seattle Bsides Security Conference, we’re coming for you! 🚀 Join Misha Kuenstner & Leif Dreizler on April 18th at 10AM PT for: 🎤 A Blueprint for Branding: Authentic Ways to Establish Your Public Persona Then, join Vasilii Ermilov at 11AM PT for: 🎤 Most Common Vulnerabilities in GitHub Actions: Takeaways from Mass Scanning Open-Source Repos 🎟️ Get your tickets: https://lnkd.in/ga4W6eJv But that’s not all! 🎉 ⛳️We’re also hosting a Top Golf event with RunReveal on April 17th—request to join: https://lnkd.in/gP8Sepya #BsidesSeattle #CyberSecurity #AppSec #infosec #devsecops

Join Brandon Wu for two hands-on Semgrep Rule Writing sessions! 📅 April 2nd - Semgrep Rule Writing 101 Learn to write custom queries using basic patterns in "search mode" with real-world security examples. 📅 April 9th - Semgrep Rule Writing 201 Dive deeper into advanced features like metavariable operators and taint mode, and discover how to use Autofix for security remediation. Don't miss out—mark your calendars and join us to improve your security practices! 🔗Register now: https://lnkd.in/gT3remKd #Semgrep #RuleWriting #AppSec #CyberSecurity #DevSecOps

Exciting news! 🚨 The Semgrep Academy just dropped a new course: Security Headers 🔐 Join Scott Helme & Tanya Janca to learn how to protect your web apps with essential browser security headers! What will you learn?  ✅ The evolution of web browser security ✅ Key headers like HSTS, CSP, and Permissions Policy ✅ Easy steps to get started! …And there’s so much more! 📝 Register for FREE here: https://lnkd.in/gcFq8e-Q #WebSecurity #SecurityHeaders #SemgrepAcademy #AppSec #cybersecurity

We had an amazing time at the Cloud & Cybersecurity Expo in London! 🇬🇧  It was an unforgettable experience connecting, talking, dining & sharing knowledge with so many of you - plus showcasing what Semgrep can do…🎥 #AppSec #Semgrep #CCSEL #CCSEL25 #TechShowLondon