Semgrep
Application security platform with SAST, SCA, and secrets detection

Semgrep Description
Semgrep provides an application security platform that combines multiple code security capabilities. The company offers Semgrep Code for static application security testing (SAST), which identifies and helps fix security issues in source code. Semgrep Supply Chain performs software composition analysis (SCA) to detect reachable dependency vulnerabilities. Semgrep Secrets finds hardcoded secrets using semantic analysis. The platform includes Semgrep Assistant, an AI-powered feature that provides triage and code fix recommendations. The Semgrep AppSec Platform serves as a centralized system to automate, manage, and enforce security policies across organizations. The Semgrep Pro Engine uses dataflow analysis to reduce false positives and improve detection accuracy. The platform supports over 40 programming languages and integrates with CI/CD tools including GitHub and GitLab. Founded in 2017 by Drew Dennison, Isaac Evans, and Luke O'Malley, the company evolved from the open source project sgrep. Semgrep performs over 75 million scans annually and maintains a library of over 3,000 community-contributed rules. The platform is used by companies including Figma, Dropbox, Slack, and Snowflake. Semgrep has been recognized in the Gartner Magic Quadrant for Application Security Testing and raised $100 million in Series D funding led by Menlo Ventures.