Semgrep
Fast, lightweight static analysis across 30+ languages. Custom rules, zero false positives by default, open-source core.
Tags: static-analysis, security, open-source, linting
Why it matters
Semgrep is fast, lightweight static analysis for 30+ languages, with custom rules for enforcing standards and finding security bugs.
Specifications
Type: Static Analysis
Languages: 30+
License: LGPL 2.1
Alternatives in Security
Snyk
Developer-first security platform. Scan for vulnerabilities in code, dependencies, containers, and IaC — with auto-fix suggestions.
Trivy
All-in-one vulnerability scanner for containers, filesystems, Git repos, and IaC. Fast, accurate, and CI/CD native.
Project Glasswing
Anthropic's initiative for securing critical infrastructure in the AI era. Focuses on robust supply-chain security and agentic guardrails. Top HN story in April 2026.