Download
Static analysis at ludicrous speed. Find bugs and enforce code standards. Find and prevent security issues in Terraform, Docker, Kubernetes, nginx, and AWS configs before they go into production. Go beyond application code and protect the entire stack with a breadth of scanning capabilities. Don't leak secrets, scan every commit and ensure secrets don't make it to production. Protect the privileged CI/CD environment from malicious activity that could result in access to source code, secrets, and more. Run with registry rules or your own. Code is analyzed locally (not uploaded). Get results at ludicrous speed with diff-aware scans, review findings in MR and PR comments, and deploy Semgrep across your organization’s projects. Go beyond the registry with rules specific to your organization. Write rules to enforce your own code guardrails.
Features
- Open source, works on 20+ languages
- Scan with 1,500+ community rules
- Write rules that look like your code
- Quickly get results in the terminal, editor, or CI/CD
- Flag issues moving forward, get results in pull requests, Slack, + more
- Don't be forced to fix all existing issues just to get started
Project Samples
