Announcing Semgrep Code: SAST designed and built for engineers
Blog post from Semgrep
Semgrep Code is a newly launched security platform designed to enhance code analysis by addressing the limitations of traditional Static Application Security Testing (SAST) tools. Building on the existing Semgrep open-source tool, Semgrep Code introduces the Pro Engine and Pro rules to deliver more accurate and comprehensive vulnerability detection through advanced interfile and interprocedural analysis. The platform aims to integrate seamlessly into developer workflows, offering quick and actionable findings that help remediate vulnerabilities in real time. It supports a wide array of programming languages, including Java, JavaScript, and Apex, and provides high-confidence, high-coverage rules crafted by the Semgrep Security Research team. Semgrep Code also facilitates easy monitoring and triaging of vulnerabilities through its cloud platform, aiming to empower organizations to maintain robust security programs efficiently.