Ideally, when it comes to building secure applications, it’s best to check the code as it moves through the development process, so that vulnerabilities can be found before it gets into production. That’s exactly the kind of solution that Semgrep, formerly r2c, a San Francisco startup, has been building over the last five years.
Today, the company announced it has raised a $53 million Series C. What’s more, in a time where VC dollars are much harder to come by, they weren’t even looking for this funding. The investors approached them, according to company CEO and founder Isaac Evans.
The company’s solution combines open source with a SaaS offering. “So we have two things that are open source: we have this engine, which is kind of like a Google search for code. You write rules for it, and then [the code] runs through the engine, and then that tells you,’hey, this specific line has an issue,’” he said.
But they don’t stop there. “But then the rules themselves a...