Semgrep is a developer-friendly platform that uses AI to scan your code for security issues, detect secrets, and manage app security with actionable insights.
AI-powered code security for developers
Semgrep is an application security platform designed for developers who want to keep their code safe without slowing down their workflow. With Semgrep, you can scan your source code to quickly find and fix real security issues, including hardcoded secrets and vulnerable dependencies.
The platform stands out by using AI-assisted tools for static analysis, supply chain security, and secret detection, making it easier to surface actionable problems and reduce false positives. You can also automate security policies across your organization and get code fix recommendations right in your workflow.
Whether you're working solo or as part of a team, Semgrep helps you manage, enforce, and improve security throughout your software development process, all while staying developer-friendly and highly customizable.
Discover websites similar to Semgrep.dev based on shared categories, topics, and features.
OpenSSF Scorecard helps you check open source projects for risky security practices and vulnerabilities, making it easy to build safer software.
Cerbos is an open-source platform that lets you add scalable, fine-grained access control and authorization to your apps, keeping security simple and flexible.
Aikido helps developers secure code, cloud, and apps by finding and fixing vulnerabilities fast—all in one easy-to-use security platform.
Sigstore helps you sign and verify software so you know it's authentic and secure. Protect your code and build trust in what you deliver.
Join the Google AI Developers Forum to ask questions, share insights, and get support on Google's Gemini API and AI Studio projects.
SLSA offers an open framework and tools to secure your software supply chain, helping teams prevent tampering and improve project integrity.
gVisor is an open-source platform that adds an extra layer of security for containers, helping you run apps safely and meet compliance needs.
Earn a free OpenSSF Best Practices badge for your open source project and show your commitment to secure, high-quality software development.
Browse clear documentation for Gym, a standard Python API and environment suite for reinforcement learning. Find guides, usage examples, and reference info.
Snyk helps developers find and fix security risks in code, open source dependencies, containers, and AI-generated apps, all in one easy platform.
Checkmarx offers AI-powered tools for application security testing, helping developers find and fix code vulnerabilities easily within their workflow.
Veracode helps you find and fix security vulnerabilities in your software, including AI-generated code, with unified tools for safer app development and deployment.
Mend.io helps development and security teams manage application risks with tools for proactive security, code scanning, and automated risk insights.
Tidelift helps you reduce security risks in open source software and ensures the packages you depend on stay secure and well-maintained over time.
Cycode is a platform for managing application security, helping you find, prioritize, and fix vulnerabilities across your software development lifecycle.
Hacken offers blockchain security audits, AI-powered compliance, and penetration testing to help crypto and Web3 projects stay secure and resilient.
Protect AI offers a unified platform to secure AI applications, providing tools and resources to proactively manage and defend against evolving AI threats.
PreEmptive offers tools to protect .NET, Java, MAUI, and JavaScript apps with code obfuscation and security features for safer software deployment.
Suhosin adds advanced security features to PHP servers, helping protect websites and applications from vulnerabilities in PHP code and core.
Grsecurity offers a secure Linux kernel replacement with advanced exploit prevention, helping you protect systems from both known and unknown threats.
ModSecurity is a free, open source web application firewall that helps protect websites from online threats with customizable rules and real-time monitoring.
Oligo Security helps you detect and stop security threats in your applications at runtime, so you can focus on building features with peace of mind.
Runtime Verification helps secure blockchain and Web3 projects by using formal methods to verify smart contracts and system logic for safer computing.
Open Policy Agent lets you define and enforce policies across cloud-native systems. Explore docs, try Rego, and join the active community.
MalCare protects WordPress sites with automatic malware scans, one-click malware removal, and a real-time firewall—without slowing your website down.
Astra Security offers a continuous pentesting platform with automated vulnerability scanning, helping you secure web, API, cloud, and mobile apps easily.
Anchore helps you secure your software supply chain with SBOM-powered analysis, automating compliance and managing open source risks for your projects.
Codacy helps developers improve code quality and security by automating checks, enforcing standards, and integrating seamlessly into their workflow.
Black Duck helps you secure your software with advanced application security testing tools and services for safer, higher-quality development.
Practice web security skills with this intentionally vulnerable PHP/MySQL app, designed for ethical hacking, learning, and teaching in a safe environment.
mgm security partners offers comprehensive application security services, including automated testing, secure coding, and penetration testing for businesses.
AboutCode helps you find, scan, and track open source and third-party code, generate SBOMs, and automate license and security compliance.
OpenZeppelin offers secure smart contract tools, audits, and cloud services to help you build, monitor, and manage blockchain apps across 30+ networks.
Halborn offers blockchain and Web3 security services like smart contract audits, penetration testing, and code reviews for financial and decentralized projects.
Learn about reproducible builds—software development practices that ensure source code and binaries can be independently verified for security and trust.
OSTIF.org is a nonprofit helping secure open source apps by organizing security audits and reviews, making software safer for everyone.
Coverity Scan helps developers find bugs and security issues in their code by offering free static analysis for open source projects.
Get expert consulting in PHP security, cryptography, and secure web development to protect your business applications beyond basic compliance.
Automatically generate clear, helpful changelogs with AI for your code releases, making it easy to share updates and ship better release notes.
Savelife.AI offers AI-powered healthcare tools to improve clinical documentation, radiology reporting, and early stroke detection for better patient care.
Build your own website easily with free AI-powered software for Mac, Windows, and Linux. Generate, edit, and export sites with no coding needed.
Create unique images from text prompts using AI. Log in with Google, Microsoft, or Apple to generate custom artwork in seconds.
WebRTC.org offers an open framework that lets you add real-time audio, video, and data communication features directly into web browsers and apps.
OnTheGoSystems builds innovative translation tools and AI solutions to help businesses of all sizes expand globally with ease. Fully remote team.
ABtesting.ai uses AI to help you quickly run A/B tests on your landing pages, making it easy to boost conversions and find what works best for your site.
Apache Jena is a free, open source Java framework for building Semantic Web and Linked Data applications, supporting RDF, SPARQL, and more.
ICLR 2025 is the official site for the International Conference on Learning Representations, offering event info, registration, and research paper access.
angr is an open-source Python platform for analyzing binaries, offering both static and dynamic symbolic analysis tools for reverse engineering and research.
Generate knowledge graphs easily with RML.io tools for Windows, Mac, and Linux. Use simple rules to turn your data into structured, connected insights.