San Francisco-based startup Semgrep, which initially went by the name r2c, is poised for expansion after securing a $53 million Series C investment. The company has spent the past five years developing its code security platform to help identify vulnerabilities before applications reach production.
What sets Semgrep apart is its combination of open-source and software-as-a-service (SaaS) offerings. According to Isaac Evans, the CEO and founder of the company, Semgrep's engine operates like a Google search for code, scanning for issues based on predefined rules. These rules are also available under a free license, providing a high level of value to users. A vertically integrated SaaS solution then sits atop this engine, further enhancing the platform's effectiveness.
The company's beginnings date back to 2017 when Evans had the vision to create such a solution. Initially, the team struggled to build a platform specifically for developers until they hired former Facebook engineer Yoann Padioleau in 2018. Padioleau identified an open-source product with the desired features, added support for a modern language like Python, and showcased its potential during a company hackathon. This proved to be a turning point for Semgrep.
Since launching the open-source version of the platform in 2020, Semgrep has attracted roughly 2 million users. The startup's revenue-producing products also experienced 7.5x growth last year, demonstrating their appeal to the targeted developers and security teams. Currently, Semgrep employs 90 people and has plans to hire an additional 50 during the coming year.
Evans emphasizes the importance of building a diverse team and is willing to take extra time to find candidates from diverse backgrounds. He believes that looking beyond familiar channels can contribute to a more inclusive workforce, even if it slows down the hiring process.
Regarding the recent fundraising, Evans stated that it was unexpected and came earlier than planned. An attractive offer on the table from Lightspeed Venture Partners and participation from previous investors, including Felicis Ventures, Redpoint Ventures, and Sequoia Capital, prompted the decision to accept the funds. The $53 million raised in the Series C brings Semgrep's total funding to $93 million.
No-code platforms like AppMaster can streamline app development, allowing developers to focus on more critical aspects of their projects, such as code security. Semgrep's code security solution is an excellent example of how open source and SaaS offerings, combined with no-code platforms, can come together to create a better, safer app development ecosystem.
As the need for secure applications continues to grow, platforms like Semgrep and AppMaster offer innovative solutions that help developers and security teams minimize vulnerabilities, ultimately leading to safer products in the market.
