Semgrep Recognized in the 2025 Gartner® Magic Quadrant™ for Application Security Testing

14.10.25, 18:43

First-time recognition that the company believes highlights its specialization in code security

SAN FRANCISCO, Oct. 14, 2025 /PRNewswire/ -- Semgrep, a leading Application Security platform, today announced it has been recognized in the 2025 Gartner® Magic Quadrant™ for Application Security Testing [1] for the first time. Semgrep feels this analyst evaluation helps security leaders and decision makers make informed choices about their long-term partners in Application Security.


To Semgrep, the recognition comes as organizations increasingly need modern approaches to application security that can scale with their business objectives while addressing fundamental challenges that have plagued traditional AppSec solutions - particularly false positive noise and lack of developer engagement.

Semgrep's platform includes offerings for static application security testing (SAST) through Semgrep Code, software composition analysis (SCA) through Semgrep Supply Chain, and secrets detection through Semgrep Secrets. The free, open-source Semgrep Community Edition provides a subset of Semgrep Code's capabilities. The Semgrep AppSec Platform is available as a hosted multi- or single-tenant SaaS solution or can be deployed on-premises, including in air-gapped environments. Semgrep specializes in code security, enabling deep expertise in identifying and remediating vulnerabilities before code reaches production.

"We're honored to be included in the Gartner Magic Quadrant for Application Security Testing for the first time," said Isaac Evans, CEO at Semgrep. "Our focus has always been on delivering maximum coverage with minimum false positives. Our hybrid approach combining static analysis with AI is achieving strong results for our customers, filtering out 60% of false positives while maintaining 96% accuracy in triage decisions."

Semgrep Assistant has analyzed more than 6 million security findings across thousands of deployments, achieving a 96% agreement rate with security researchers and users. The platform currently filters out 60% of SAST findings as false positives before security teams see them, while helping developers reduce remediation time by an average of 30 minutes per finding.

Magic Quadrant reports are a culmination of rigorous, fact-based research in specific markets, providing a wide-angle view of the relative positions of providers in markets where growth is high and provider differentiation is distinct. Providers are positioned into four quadrants: Leaders, Challengers, Visionaries and Niche Players. The research enables you to get the most from market analysis in alignment with your unique business and technology needs.

To download a complimentary copy of the 2025 Gartner Magic Quadrant for Application Security Testing report, visit https://semgrep.dev/resources/download-gartner-magic-quadrant

[1] Source: Gartner, "Magic Quadrant for Application Security Testing," Jason Gross, Mark Horvath, Giles Williams, Shailendra Upadhyay, Dionisio Zumerle, Aaron Lord, Publication Date - October 2025.

Gartner Disclaimer:
Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.

About Semgrep
Semgrep is an application security platform for scanning code for security, reliability, & other issues. Semgrep's mission is to profoundly improve software security and reliability by bringing world-class security tools to engineers—software and security alike. Semgrep's conviction is that the security process must enable rapid software development, instead of hindering it. Semgrep is funded by Felicis Ventures, Lightspeed Venture Partners, Redpoint Ventures, and Sequoia Capital, and has become an essential safeguard for code at customers like Snowflake, Dropbox, and more.

View original content to download multimedia: https://www.prnewswire.com/news-releases/semgrep-recognized-in-the-2025-gartner-magic-quadrant-for-application-security-testing-302583749.html

SOURCE Semgrep