Announcing Semgrep Code Search (public beta)
Blog post from Semgrep
Semgrep has launched a public beta of Code Search, a new feature available to users with a paid Semgrep Code license that significantly accelerates writing and deploying rules for identifying vulnerabilities. Code Search lets users search across all of their organization's repositories in seconds, cutting the feedback loop for rule evaluation from days to seconds and giving them greater confidence that a rule can be deployed with a low false positive rate. This is particularly useful for security teams that need to scale their efforts efficiently: one customer used Code Search to generalize a bug bounty submission and identify additional vulnerabilities, saving significant future costs. The feature is powered by AWS Lambda, which allows multiple repositories to be scanned in parallel, and it is optimized to avoid unnecessary processing, making it both fast and effective. The developers invite feedback through a button integrated into the UI and encourage users to share their experiences and suggestions for improvements.