Semgrep Launches Private Beta for AI Business Logic Detection
Semgrep, a leading application security platform, today announced the launch of a private beta for AI-powered detection to enhance its popular static application security testing (SAST) engine. Participants in the private beta can use Semgrep's AI-powered detection to uncover the kinds of business logic vulnerabilities, such as broken authentication and insecure direct object references (IDORs), that can lead to high-profile security breaches.
Business logic flaws differ from the kinds of vulnerabilities, such as SQL injection or cross-site scripting, that organizations have traditionally used SAST tools to find. According to recent bug bounty data, broken access control vulnerabilities, including IDORs and authorization issues, now account for roughly half (49%) of all high and critical severity findings. These flaws require understanding developer intent and application context, which traditional SAST approaches were not designed to detect reliably without significant customization.
“Most of our high-severity responsible disclosure findings involve authorization logic flaws. Semgrep's AI-powered detection now identifies these automatically, giving us the benefit of an internal researcher integrated right into our CI pipeline,” says Minh Nghiem, Senior Security Engineer at Homebase.
Addressing Critical Security Challenges
AI-powered detection addresses three converging challenges facing modern security teams. For security engineers, business logic vulnerabilities like IDORs increasingly dominate bug bounty programs and penetration testing findings, yet most teams lack effective tools to detect them before production. For developers, AI-assisted coding tools accelerate development but introduce new security risks that existing scanners can't assess accurately, creating friction between speed and security. Security leaders are looking for demonstrable AI capabilities that deliver measurable security improvements while maintaining governance and compliance requirements.
While large language models (LLMs) have shown promise in many areas, they lack the reliability required for code security. To address this, Semgrep applies a hybrid system that harnesses the benefits of LLM contextual reasoning in a way that enforces a level of predictability by combining it with traditional SAST capabilities (e.g. rules, policies, and guardrails). By leveraging both approaches' complementary strengths, the system delivers high-fidelity, actionable findings that span vulnerability classes with minimal false positives.
“AI is transforming the way we approach code security, and Semgrep is at the forefront of that shift,” said Isaac Evans, CEO and Co-Founder at Semgrep. “With AI built into Semgrep, every improvement in large language models translates into exponential gains for our customers. Our hybrid approach delivers compounding results that go beyond what LLM-only systems can achieve.”
Early Results From Alpha Program
Semgrep's alpha program, with design partners scanning private repositories, demonstrated AI-powered detection's effectiveness across several dimensions.
- Roughly 80% of participating customers discovered at least one critical or severe IDOR.
- In comparative testing, Semgrep's AI-powered detection achieved 1.9 times higher recall on IDOR detection compared to standalone AI coding assistants like Claude Code.
- When tested on traditional vulnerability detection, pure LLM approaches showed 95-100% false positive rates for SQL injection detection, demonstrating why hybrid approaches combining deterministic analysis with AI reasoning are necessary for reliable security coverage.
AI-Powered Detection Availability
The AI-powered detection private beta is available now to select Semgrep customers. Interested organizations can sign up here to get on the early access waitlist. Spots are limited.
The post Semgrep Launches Private Beta for AI Business Logic Detection first appeared on AI-Tech Park.
