Semgrep
Semgrep is a fast, open-source, static analysis tool for finding bugs and enforcing code standards at editor, commit, and CI time.
- Open Source
Best Semgrep Alternatives & Competitors in 2024
The best Semgrep alternatives based on verified products, community votes, reviews and other factors.
Filter:
12
Open-Source Alternatives.
Latest update:
-
SonarQube, a core component of the Sonar solution, is an open source, self-managed tool that systematically helps developers and organizations deliver Clean Code.
-
Snyk helps you use open source and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more.
-
Verify your customers in under 15 seconds anywhere in the world with a cutting-edge SaaS & API platform for Identity Verification and AML/KYC compliance.
-
The industry’s most comprehensive AppSec platform, Checkmarx One is fast, accurate, and accelerates your business.
-
Automatically reviews code style, security, duplication, complexity, and coverage on every change while tracking code quality throughout your sprints.
-
Cppcheck is an analysis tool for C/C++ code. It detects the types of bugs that the compilers normally fail to detect. The goal is no false positives. CppCheckDownload cppcheck for free.
-
Find and fix defects in your Java, C/C++ or C# open source project for free
-
ShellCheck finds bugs in your shell scripts
-
CoGuard is a comprehensive static analysis tool to aid DevOps professionals in securely setting up IT infrastructures.
-
Bearer is an open source, fast and accurate static application security testing (SAST) tool that analyze your source code to discover, filter and prioritize security and privacy risks.
-
Automated dependency updates for your Ruby, Python, JavaScript, PHP, .NET, Go, Elixir, Rust, Java and Elm.
-
The Clang Static Analyzer is a source code analysis tool that finds bugs in C, C++, and Objective-C...
-
David A. Wheeler's Page for Flawfinder
-
Veracode's application security software products are simpler and more scalable to increase the resiliency of your application infrastructure.