height="0" width="0" style="display:none;visibility:hidden">
Try our
new research platform
with insights from 80,000+ expert users
Research Reports
Categories
Cybersecurity
Endpoint Detection and Response (EDR)
Vulnerability Management
Security Information and Event Management (SIEM)
Cloud Security Posture Management (CSPM)
Extended Detection and Response (XDR)
Endpoint Protection Platform (EPP)
Firewalls
Container Security
Intrusion Detection and Prevention Software (IDPS)
ZTNA
Advanced Threat Protection (ATP)
Anti-Malware Tools
Unified Threat Management (UTM)
Cloud-Native Application Protection Platforms (CNAPP)
Cloud Workload Protection Platforms (CWPP)
Data Loss Prevention (DLP)
ZTNA as a Service
Threat Intelligence Platforms (TIP)
Secure Access Service Edge (SASE)
Distributed Denial-of-Service (DDoS) Protection
IT Management
IT Infrastructure Monitoring
Log Management
Server Monitoring
Remote Access
Configuration Management
IT Service Management (ITSM)
Operating Systems (OS) for Business
Managed DNS
Container Monitoring
Workload Automation
Container Management
IT Asset Management
Server Virtualization Software
User Provisioning Software
Managed File Transfer (MFT)
Virtualization Management Tools
Remote Monitoring and Management (RMM)
IT Alerting and Incident Management
Virtual Desktop Infrastructure (VDI)
SaaS Management Platforms
Cloud Computing
Microsoft Security Suite
Cloud Monitoring Software
Cloud Backup
AWS Marketplace
Cloud Management
PaaS Clouds
Cisco Security Portfolio
Infrastructure as a Service Clouds (IaaS)
Cloud Cost Management
Cloud Migration
Cloud Storage
Hybrid Cloud Computing Platforms
Public Cloud Storage Services
MSP Backup
Cloud Analytics
Compute Service
Software Defined Data Center (SDDC)
Cloud Storage Gateways
Managed Cloud Services
Hadoop
Data Management
Data Integration
Data Governance
Cloud Data Integration
Compliance Management
Relational Databases Tools
Data Warehouse
Cloud Data Warehouse
Data Quality
Database Management Systems (DBMS)
Vector Databases
Open Source Databases
Metadata Management
Cloud Master Data Management (MDM)
Database Development and Management
Deduplication Software
Data Masking
Database as a Service (DBaaS)
NoSQL Databases
Managed NoSQL Databases
Data Observability
Enterprise Communications and Networking
Network Monitoring Software
Secure Web Gateways (SWG)
Software Defined WAN (SD-WAN) Solutions
WAN Edge
AIOps
CDN
WAN Optimization
Network Traffic Analysis (NTA)
Ethernet Switches
Network Management Applications
Wireless LAN
Network Automation
Application Delivery Controllers (ADC)
Network Troubleshooting
Rack Servers
Blade Servers
LAN Switching
Routers
Enterprise Browsers
AV Over IP Switching
Application Development Software
Application Performance Monitoring (APM) and Observability
Application Security Tools
Static Application Security Testing (SAST)
Rapid Application Development Software
IT Operations Analytics
DevSecOps
Application Security Posture Management (ASPM)
Functional Testing Tools
Patch Management
Test Automation Tools
Application Lifecycle Management (ALM) Suites
API Testing Tools
Software Supply Chain Security
Dynamic Application Security Testing (DAST)
Mobile APM
Build Automation
Regression Testing Tools
Release Automation
Software Development Analytics
Enterprise Architecture Management
Data Protection and Storage
Backup and Recovery
All-Flash Storage
Disaster Recovery (DR) Software
File and Object Storage
Software Defined Storage (SDS)
SaaS Backup
HCI
NVMe All-Flash Storage Arrays
NAS
Modular SAN (Storage Area Network)
File Archiving
Enterprise SAN
Data Replication
Converged Infrastructure
Disk Based Backup Systems
Container Backup Software
Application Server
File System Software
Storage Software
Cloud Software Defined Storage
Enterprise Applications
AI Software Development
AI Observability
Business Orchestration and Automation Technologies
AI Data Analysis
Business Process Management (BPM)
Email Security
BI (Business Intelligence) Tools
AI Security
AI-Powered Cybersecurity Platforms
Process Automation
Robotic Process Automation (RPA)
AI IT Support
Low-Code Development Platforms
Reporting
Project Management Software
Data Visualization
ERP
GRC
Business Process Design
Talent Management
Enterprise Architecture and Integration
API Management
Integration Platform as a Service (iPaaS)
Streaming Analytics
Business-to-Business Middleware
Event Monitoring
Application Infrastructure
Message Queue (MQ) Software
Enterprise Service Bus (ESB)
Message Oriented Middleware (MOM)
Data Migration Appliances
Migration Tools
SOA Governance
General Purpose HSM
SOA Application Gateways
Web Access Management
Complex Event Processing (CEP)
Payment HSM
Code Signing Management
Customer Care
CRM
Help Desk Software
Data Management Platforms (DMP)
Customer Experience Management
Digital Experience Monitoring (DEM)
CRM Customer Engagement Centers
AI-Powered Chatbots
Contact Center Platforms
Field Service Management
Social CRM
Workforce Engagement Management
Contact Center as a Service (CCaaS)
Digital Experience Platforms (DXP)
Social Media Management Solutions
Partner Relationship Management (PRM)
Live Chat
Customer Communications Management (CCM)
Customer Data Analysis
Customer Feedback Management
Contact Center Infrastructure
Sales and Marketing
Marketing Management
Sales Force Automation
Marketing Automation
Opportunity Management
eCommerce Platforms
Product Configuration and Quoting
Marketing Intelligence
Web Analytics
Payment Processing Software
Product Management Software
Personalization Engines
Marketing Resource Management
Sales and Market Intelligence
Advertisement Technology Platforms
Channel Marketing Automation Software
Predictive Sales Intelligence
Sales Performance Management
Content Marketing Software
Revenue Enablement Platforms
Cloud GTM Platforms
Data Center and Facilities Management
Data Center Networking
Enterprise Asset Management (EAM)
Data Center Infrastructure Management
Data Center Power Solutions
Workplace Management Software
Computerized Maintenance Management Software (CMMS)
Facility Maintenance Management Software
Data Center Monitoring
Data Center Cooling Systems
Workplace Analytics Software
Wiring and Cabling Solutions
All categories
Comparisons
Top comparisons
Cloudflare vs. Quad9
Netgate pfSense vs. OPNsense
Fortinet FortiGate vs. Sophos Firewall
Amazon API Gateway vs. Microsoft Azure API Management
Checkmarx One vs. SonarQube
Hyper-V vs. VMware vSphere
GitLab vs. Microsoft Azure DevOps
MinIO vs. Red Hat Ceph Storage
AWS Secrets Manager vs. Azure Key Vault
AWS GuardDuty vs. Microsoft Defender for Cloud
Amazon Web Services (AWS)
Amazon API Gateway vs. Microsoft Azure API Management
AWS Secrets Manager vs. Azure Key Vault
AWS GuardDuty vs. Microsoft Defender for Cloud
Amazon Route 53 vs. Azure DNS
Akamai Connected Cloud (Linode) vs. Amazon AWS
Amazon EKS vs. Red Hat OpenShift Container Platform
Amazon EFS (Elastic File System) vs. Microsoft Azure File Storage
Amazon QuickSight vs. Microsoft Power BI
AWS Security Hub vs. Microsoft Sentinel
AWS Database Migration Service vs. AWS Glue
Cisco
Cisco Secure Firewall vs. Fortinet FortiGate
Aruba Wireless vs. Cisco Meraki Wireless LAN
Aruba ClearPass vs. Cisco Identity Services Engine (ISE)
Cisco Umbrella vs. Zscaler Internet Access
Aruba Switches vs. Cisco Ethernet Switches
Cisco Wireless vs. Ruckus Wireless
Cisco Secure Email vs. Trellix Collaboration Security
Cisco Intersight vs. Cisco UCS Manager
Cisco Meraki MX vs. Palo Alto Networks NG Firewalls
Cisco Linksys Ethernet Switches vs. NETGEAR Switches
Dell Technologies
Dell PowerEdge R-Series vs. HPE ProLiant DL Servers
Dell PowerFlex vs. VxRail
Dell PowerStore vs. Dell Unity XT
Dell PowerProtect Data Domain vs. HPE StoreOnce
Dell PowerEdge T-Series vs. HPE Proliant ML
Dell PowerScale (Isilon) vs. NetApp FAS Series
Dell Avamar vs. Dell PowerProtect Data Manager
Dell RecoverPoint for Virtual Machines vs. VMware Live Recovery
Dell APEX vs. HPE GreenLake
Amazon AWS vs. Dell ObjectScale
Google
Google Cloud Identity vs. Microsoft Entra ID
Google Cloud DNS vs. Quad9
Apigee vs. Microsoft Azure API Management
Azure OpenAI vs. Google Vertex AI
Amazon WorkMail vs. Google Workspace
Alibaba Cloud vs. Google Cloud
Google Firebase vs. Microsoft Azure
Google Gemini AI vs. Grammarly Pro - Enterprise
Amazon S3 Glacier vs. Google Cloud Storage Nearline
AWS Snowball vs. Google Transfer Appliance
IBM
IBM Security Guardium Data Protection vs. Imperva Data Security Fabric
IBM Security QRadar vs. Splunk Enterprise Security
ActiveMQ vs. IBM MQ
IBM DOORS vs. Polarion Requirements
Camunda vs. IBM BPM
IBM API Connect vs. IBM DataPower Gateway
IBM MaaS360 vs. Microsoft Intune
IBM Db2 Database vs. SQL Server
IBM Maximo vs. ServiceNow
IBM Integration Bus vs. Mule ESB
Microsoft
Amazon API Gateway vs. Microsoft Azure API Management
Hyper-V vs. VMware vSphere
GitLab vs. Microsoft Azure DevOps
AWS Secrets Manager vs. Azure Key Vault
AWS GuardDuty vs. Microsoft Defender for Cloud
Amazon Route 53 vs. Azure DNS
Windows 11 vs. Windows Server
Amazon EFS (Elastic File System) vs. Microsoft Azure File Storage
Google Cloud Identity vs. Microsoft Entra ID
Jamf Pro vs. Microsoft Intune
OpenText
OpenText Functional Testing vs. Tricentis Tosca
OpenText Core Application Security vs. SonarQube
Jira vs. OpenText Software Delivery Management
Sentinel vs. Splunk Enterprise Security
OpenText Communications vs. Quadient Inspire
OpenText Documentum Content Management vs. SharePoint
OpenText Professional Performance Engineering (LoadRunner Professional) vs. Tricentis NeoLoad
Microsoft Azure DevOps vs. OpenText Application Quality Management
OpenText Dynamic Application Security Testing vs. PortSwigger Burp Suite Professional
Microsoft Defender for Endpoint vs. OpenText Core Endpoint Protection
Oracle
Oracle VM VirtualBox vs. Proxmox VE
Oracle VM vs. VMware vSphere
Oracle Linux vs. Ubuntu Linux
Firebird SQL vs. MySQL
Oracle HCM Cloud vs. SAP SuccessFactors
Oracle Database vs. SAP HANA
Microsoft Power Apps vs. Oracle Application Express (APEX)
Oracle Data Integrator (ODI) vs. Oracle Integration Cloud Service
Oracle WMS vs. SAP Warehouse Management
NetSuite ERP vs. Oracle Fusion Cloud ERP
Palo Alto Networks
Prisma Cloud by Palo Alto Networks vs. Wiz
Cortex XSIAM vs. Palo Alto Networks Cortex XSOAR
Cisco Secure Firewall vs. Palo Alto Networks WildFire
Fortinet FortiGate vs. Palo Alto Networks NG Firewalls
Netskope vs. Prisma Access by Palo Alto Networks
Island vs. Prisma Access Browser
Cortex XDR by Palo Alto Networks vs. Microsoft Defender for Endpoint
Cisco Umbrella vs. Palo Alto Networks DNS Security
Azure Firewall vs. Palo Alto Networks VM-Series
Cisco Catalyst SD-WAN vs. Prisma SD-WAN
SAP
Celonis vs. SAP Signavio Process Manager
SAP SuccessFactors vs. Workday
SAP ERP vs. SAP S/4HANA
Amazon AWS vs. SAP Cloud Platform
Oracle Database vs. SAP HANA
Kinaxis vs. SAP Integrated Business Planning for Supply Chain
Microsoft Dynamics CRM vs. SAP CRM
SAP PowerDesigner vs. erwin Data Modeler
SAP Analytics Cloud vs. SAP BusinessObjects Business Intelligence Platform
Oracle WMS vs. SAP Warehouse Management
More comparisons
For Vendors
For Vendors
Learn More
AWS + PeerSpot
Get Listed
peerspot.ai
Sign In
Home
Static Application Security Testing (SAST)
Semgrep
Pros & Cons
Semgrep pros and cons
Vendor:
Semgrep
3.7
out of 5
3 reviews
100% willing to recommend
Leave a review
Overview
Reviews
Pros & Cons
Alternatives
Semgrep Pros review quotes
Henry Mwawai
Security Consultant | Application Security at Jowatechs
Sep 23, 2024
The most valuable feature is the ability to write our custom rules.
Read full review
Manjunath Maneppagol
Cloud & Application Security at Sixt SE
Nov 29, 2025
Compared to other competitors in the market, the AI-backed capability is the biggest strength of Semgrep.
Read full review
Francisco Javier Vergara
SecOps Engineer at Iriusrisk
Mar 20, 2026
The best part of Semgrep is its ease of integration with CI/CD pipelines and how it is a developer-friendly tool.
Read full review
Semgrep Cons review quotes
Henry Mwawai
Security Consultant | Application Security at Jowatechs
Sep 23, 2024
There should be more information on how to acquire the system, catering to beginners in application security, to make it more user-friendly.
Read full review
Manjunath Maneppagol
Cloud & Application Security at Sixt SE
Nov 29, 2025
I have consistently observed that their scan time is an issue; sometimes with their AI-based scanning, when you triage that scan, the scan never completes or finishes, which makes it difficult.
Read full review
Francisco Javier Vergara
SecOps Engineer at Iriusrisk
Mar 20, 2026
However, as a tool it is really complex to maintain and to use, and it has a huge price tag.
Read full review
Product Categories
Product Categories
Static Application Security Testing (SAST)
Supply Chain Management Software
Software Composition Analysis (SCA)
Static Code Analysis
Popular Comparisons
Popular Comparisons
SonarQube
vs Semgrep
Snyk
vs Semgrep
Checkmarx One
vs Semgrep
GitLab
vs Semgrep
Veracode
vs Semgrep
Coverity Static
vs Semgrep
Black Duck SCA
vs Semgrep
JFrog Xray
vs Semgrep
Mend.io
vs Semgrep
OpenText Core Application Security
vs Semgrep
OWASP Zap
vs Semgrep
Qualys Web Application Scanning
vs Semgrep
OpenText Static Application Security Testing
vs Semgrep
Klocwork
vs Semgrep
Aikido Security
vs Semgrep
See all alternatives
Product Categories
Product Categories
Static Application Security Testing (SAST)
Supply Chain Management Software
Software Composition Analysis (SCA)
Static Code Analysis
Popular Comparisons
Popular Comparisons
SonarQube
vs Semgrep
Snyk
vs Semgrep
Checkmarx One
vs Semgrep
GitLab
vs Semgrep
Veracode
vs Semgrep
Coverity Static
vs Semgrep
Black Duck SCA
vs Semgrep
JFrog Xray
vs Semgrep
Mend.io
vs Semgrep
OpenText Core Application Security
vs Semgrep
OWASP Zap
vs Semgrep
Qualys Web Application Scanning
vs Semgrep
OpenText Static Application Security Testing
vs Semgrep
Klocwork
vs Semgrep
Aikido Security
vs Semgrep
See all alternatives
Related questions
257
What Application Security Solution Do You Use That Is DevOps Friendly?
22
Which is the most comprehensive open source Web Security Testing tool?
38
What is the best Application Security Testing platform?
23
When evaluating Application Security Testing, what aspect do you think is the most important to look for?
60
SAST vs. DAST: Which is better for application security testing?
39
What tools do you rely on for building a DevSecOps pipeline?
88
What does the Log4j/Log4Shell vulnerability mean for your company?
53
Checkmarx or Veracode. Which should we choose?
108
What are your recommended automated penetration testing tools?
42
What are the OWASP top 10 in 2020?
Overview
Reviews
Pros & Cons
Alternatives
© 2026 PeerSpot, All Rights Reserved.
