#security

Rulesets (99)

Gitlab, Semgrep

Use Semgrep as a universal linter to identify vulnerabilities in your code base with the bandit (https://github.com/PyCQA/bandit) rule pack.

Semgrep

Default ruleset for Java, curated by Semgrep.

Semgrep

Default ruleset for Ruby, curated by Semgrep.

Semgrep

Default ruleset for C and C++, curated by Semgrep.

Semgrep

Default ruleset for Apex, curated by Semgrep. Includes rules contributed by nCino. Semgrep Pro >= 1.44.0 is required to run rules in this ruleset.

Semgrep

Scan code for uses of functions listed on Microsoft's list of banned functions. These functions are error-prone and typically have a safer replacement function.

Semgrep

Alpha ruleset for C/C++. Scan code for potential security issues that require additional review. Recommended for security engineers or consultants who don't mind false positives and are looking to flag troublesome spots for further review.

Semgrep

Alpha ruleset for C/C++. Scan code for uses of functions listed on Microsoft's list of banned functions. These functions are error-prone and typically have a safer replacement function.

Semgrep

Alpha ruleset for C/C++. This ruleset is intended to produce few false positives and is safe for use in CI/CD pipelines.

Semgrep

Scan C++ code for potential security issues that require additional review. Recommended for security engineers or consultants who don't mind false positives and are looking to flag troublesome spots for further review.

Semgrep

Default ruleset for C#, curated by Semgrep.

Semgrep

The CWE Top 25 is an industry-recognized report of top application security risks. Use this ruleset to scan for CWE Top 25 vulnerabilities.

Semgrep

Default ruleset for Elixir, curated by Semgrep.

Gitlab

Use Semgrep as a universal linter to identify vulnerabilities and code smells in your code base with the eslint rule pack.

Gitlab, Semgrep

Use Semgrep as a universal linter to identify vulnerabilities in your code base with the bandit (https://github.com/PyCQA/bandit) rule pack.

Semgrep

Default ruleset for Kotlin, curated by Semgrep.

Semgrep

The OWASP Top 10 is an industry-recognized report of top web application security risks. Use this ruleset to scan for OWASP Top 10 vulnerabilities.

Semgrep

Default ruleset for PHP, curated by Semgrep.

Semgrep

Alpha ruleset for Python. This ruleset is intended to produce few false positives and is safe for use in CI/CD pipelines.

Semgrep

General purpose ruleset for Rust. Includes audit-oriented rules, which might lead to false positives.

Semgrep

Default ruleset for Scala, curated by Semgrep.

Semgrep

Default ruleset for Swift, curated by Semgrep.

Rules (0)