
Announcing an AI AppSec engineer that users agree with 95% of the time

Blog post from Semgrep

Author: Chushi Li
Word Count: 1,497
Language: English
Summary

Semgrep Assistant has introduced two new features that extend its semi-autonomous capabilities and reduce triage workloads for developers and security engineers, with a reported immediate workload reduction of 20% and up to 40% after a week of use. The first, Noise Filtering, combines Semgrep's deterministic SAST engine with LLMs to identify and filter false positives, maintaining a high accuracy rate that aligns with user and security researcher assessments; it targets the persistent signal-to-noise problem in static analysis tools. The second, Autotriage Memories, lets the Assistant learn and remember organization-specific security context without requiring custom rule creation, which further streamlines triage and improves efficiency; as an example, a Fortune 500 company experienced a 2.8-fold improvement. Both features are built on principles of transparency and user control: all contextual data and findings are auditable and reversible, which builds trust in the tool's AI-powered functionality. In addition, a new Pre-production tab and improved secrets detection, which combines static analysis with AI context analysis, help the platform provide accurate, low-noise results and free security teams to focus on more critical security challenges.