Announcing AI-assisted remediation guidance on every PR
Blog post from Semgrep
Semgrep Assistant has significantly enhanced its remediation guidance, achieving over 95% coverage of true positive findings and reducing the median time-to-resolution by 15%, saving developers an average of 20 minutes per finding. This improvement stems from providing step-by-step instructions and actionable, human-language explanations, which are particularly beneficial for junior developers or those lacking security expertise. The guidance, which is now integrated into developers' workflows, such as PR comments and Jira tickets, not only helps in resolving current security issues but also educates developers, preventing future mistakes. For AppSec engineers, the detailed guidance simplifies scanning results and allows them to focus on critical issues without writing personalized code reviews, effectively scaling their impact. The AI-generated guidance is routinely evaluated by a team of security researchers to maintain high quality, and it has been found to be actionable nearly 78% of the time. These enhancements have led to a higher fix rate and faster resolution times, reflecting the value of AI in assisting developers with secure coding practices.