Investment, led by Menlo Ventures, accelerates autonomous security platform for developers
Semgrep, a leading Application Security platform, today announced $100M in Series D funding led by Menlo Ventures. With added participation from existing investors including Felicis Ventures, Harpoon Ventures, Lightspeed Venture Partners, Redpoint Ventures, and Sequoia Capital, this round brings the company’s total funding to $204M to date.
Customers and security leaders tell Semgrep current code scanners are noisy and low efficacy, slow developers down, and are difficult to operationalize. Simultaneously, organizations face mounting pressure to secure increasingly complex codebases while maintaining rapid development cycles. Semgrep’s AppSec Platform enables developers and security engineers to establish Secure Guardrails, transitioning from traditional risk management to proactive security engineering. Semgrep is building the world’s best autonomous code security platform in three key ways:
- Delivering market-leading signal-to-noise ratio and prioritization;
- Product choices that keep developer productivity high and perception of security positive; and
- Enabling an effective AppSec program at an affordable price.
“The era of AI for security is here, and Semgrep is uniquely positioned to help organizations secure their code without sacrificing development velocity,” said Isaac Evans, CEO at Semgrep. “With the Semgrep platform, you can build an Appsec program with cost-effectiveness, security, and development speed.”
“AI is having a profound impact on all areas of technology. Semgrep’s approach to autonomous code security is a perfect example and represents the future of application security,” said Matt Murphy, Partner at Menlo Ventures and new Board Member of Semgrep. “Semgrep’s unique combination of AI capabilities and deep security expertise solidifies them as the leader in this increasingly critical market.”
AI Capabilities Expand the Semgrep Reach
Security teams are overwhelmed with the volume of code they have to secure. Launched just two weeks ago, Semgrep Assistant learns your organization’s software development life cycle, automatically finds, triages, prioritizes, and fixes the most important security issues as an agentic AppSec engineer. Through its LLM-powered platform, Semgrep automatically converts identified security bugs into secure guardrails, enabling developers to write more secure code without sacrificing speed.
Strategic Expansion and Leadership
Since the company’s Series C announcement in April 2023, Semgrep has built a massive technology advantage in its Appsec Platform which is now a Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Secrets product suite for hundreds of customers.
Semgrep is also bringing in external expertise to scale the company. Today the company also announced the appointment of Garrett Souza, former SVP Americas at Matillion and Enterprise Sales Leader at Snyk, as Vice President of Sales, along with the addition of Mark McLaughlin, former CEO of Palo Alto Networks, as an Angel Investor and Advisor.
In 2025 and beyond, Semgrep will use the funds in a series of ways, including hiring world-class AI and program analysis talent to extend the company’s competitive edge, in addition to increasing awareness of what its product offers beyond a security practitioner audience. Lastly, the funds will boost the company’s Go-To-Market team with veterans and advisors from organizations like Hashicorp, Elasticsearch, Snyk, and others – leveraging its unique position as a rare company at the intersection of OSS and security.
