Semgrep, a leading application security platform, has secured $100 million in Series D funding, led by Menlo Ventures with participation from existing investors including Felicis Ventures, Harpoon Ventures, Lightspeed Venture Partners, Redpoint Ventures, and Sequoia Capital. This latest investment brings the company’s total funding to $204 million, positioning Semgrep to further advance its AI-driven approach to application security.
As organizations grapple with increasingly complex codebases, traditional security tools often slow down development due to inefficiencies, excessive alerts, and operational challenges. Semgrep’s platform addresses these issues by enabling developers and security engineers to implement secure guardrails, shifting the focus from reactive risk management to proactive security engineering. The company’s approach emphasizes three core objectives: improving signal-to-noise ratio and prioritization, maintaining high developer productivity while reinforcing security, and delivering an effective application security program at a competitive price.
Semgrep CEO Isaac Evans highlighted the platform’s role in bridging security and development speed, stating that AI-driven security is now essential for modern code protection. Menlo Ventures partner Matt Murphy, who has joined Semgrep’s board, noted that the company’s autonomous code security model exemplifies the future of application security, leveraging AI to provide comprehensive protection without disrupting workflows.
Expanding on its AI capabilities, Semgrep recently launched Semgrep Assistant, a tool that learns an organization’s software development lifecycle and autonomously identifies, triages, and remediates critical security issues. Using a large language model-powered system, the platform converts security vulnerabilities into proactive guardrails, enabling developers to write secure code with minimal friction.
Since its Series C funding in April 2023, Semgrep has expanded its platform to include Static Application Security Testing (SAST), Software Composition Analysis (SCA), and a secrets detection suite. To support its growth, the company has appointed Garrett Souza, former SVP Americas at Matillion and Enterprise Sales Leader at Snyk, as Vice President of Sales. Additionally, Mark McLaughlin, former CEO of Palo Alto Networks, has joined as an angel investor and advisor.
Looking ahead to 2025 and beyond, Semgrep plans to use its funding to recruit top AI and program analysis talent, broaden its market reach, and scale its go-to-market strategy with leadership from companies such as Hashicorp, Elasticsearch, and Snyk. Positioned at the intersection of open-source software and security, Semgrep is focused on driving innovation in AI-powered application security while ensuring seamless developer adoption.
