CIO Influence
CIO Influence News Security

HackerOne and Semgrep Partner to Streamline Code Review for Modern Development

by PR Newswire
HackerOne and Semgrep Partner to Streamline Code Review for Modern Development

HackerOne and Semgrep Customers Can Access Automated Code Security Testing with Added Support from Expert Code Reviewers

HackerOne, the leader in human-powered security announced a partnership with code security solution, Semgrep, to combine Semgrep’s automated code security tools with expert support from HackerOne PullRequest code reviewers. Security teams can now analyze code through Semgrep and have PullRequest reviewers validate results to provide recommendations and context. The partnership enables human-in-the-loop testing to improve collaboration between security and development teams to increase the agility, scalability, and accuracy of the entire code review process.

PREDICTIONS SERIES 2024 - CIO Influence

“Friction between development and code security workflows remains a challenge as development assumes more security responsibility,” said Isaac Evans, co-founder and CEO of Semgrep. “But for teams to remain agile and secure, security and development must work closely together. Our joint solution keeps both teams in mind, so workflows stay collaborative and quality code ships faster.”

CIO INFLUENCE News: Reply Launches Accelerator 365, a New Offering for Microsoft 365 Modern Work Solutions

Modern development teams continue to experience false positives from automated tools that hinder speed, while quality code review can lack scalability for high-velocity teams. HackerOne and Semgrep’s solution integrates natively within pull requests and existing workflows, helping it conform to modern development’s increasingly collaborative structure to deliver relevant and actionable results without disrupting work.

Semgrep uses Static Application Security Testing (SAST), Software Composition Analysis (SCA), and secrets scanning to reveal security risks, which PullRequest code reviewers then evaluate to validate reports, provide context, offer specific remediations, and respond to queries so teams can take action quickly.

“Security teams need solutions that match the agility of the modern development teams they support,” said Alex Rice, founder of HackerOne. “Our partnership with Semgrep ensures software teams get the right insights at the right time in their existing workflows — all with context from human reviewers, so developers spend more time writing trustworthy code and less time fighting security tools.”

CIO INFLUENCE News: Scale Computing Launches New Business Continuity and Disaster Recovery Campaign

[To share your insights with us, please write to sghosh@martechseries.com]

Cision distribution by PR Newswire empowers communicators to identify and engage with key influencers, craft and distribute meaningful stories, and measure the financial impact of their efforts. Cision is a leading global provider of earned media software and services to public relations and marketing communications professionals.

Related posts

mce Systems Reinforces Commitment to Telco-grade Data Privacy & Information Security Management Through Designation of ISO/IEC 27701 Certification

CIO Influence News Desk

Neo4j Signs Strategic Collaboration Agreement with AWS to Address AI Hallucinations

PR Newswire

CIO Influence Weekly Highlights : Top CIO Influence News To Read

CIO Influence Staff Writer