Including Funding rounds, Bull / Bear thesis, Stock + earnings, Roster changes, Patents, News, and Open roles.
Already subscribed? Sign in →
No articles ingested yet for Semgrep. Once the hourly news pipeline is live, every article the classifier tags as mentioning this company appears here with its one-line AI summary and sentiment.
Semgrep Code is a static application security testing engine built on the open-source Semgrep scanner, which matches lightweight, source-code-like rules against codebases in over 30 languages. It runs fast enough to fit into local development, pull-request checks, and CI/CD, and emphasizes low false-positive rates and customizable rules so security teams can encode their own standards. Developers and AppSec engineers use it to catch injection flaws, insecure patterns, and policy violations early, with AI assistance to triage findings and suggest fixes.
Semgrep Supply Chain is a software composition analysis tool that inventories open-source dependencies and prioritizes vulnerabilities using reachability analysis, flagging the CVEs whose vulnerable code is actually called rather than every transitive dependency. Semgrep Secrets scans code and history for exposed credentials, API keys, and tokens, validating findings to cut noise. Together with Semgrep Code, they give application security teams a unified, developer-friendly platform that covers custom code, dependencies, and leaked secrets in one workflow.
We don't have a live feed for this company's ATS. Their careers page has every open role.
View all careers ↗