Try our new research platform with insights from 80,000+ expert users

Apiiro vs Semgrep comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Apiiro
Ranking in Static Application Security Testing (SAST)
23rd
Ranking in Software Composition Analysis (SCA)
11th
Average Rating
8.6
Reviews Sentiment
7.8
Number of Reviews
2
Ranking in other categories
API Security (9th), Software Supply Chain Security (8th), Risk-Based Vulnerability Management (13th), Application Security Posture Management (ASPM) (2nd)
Semgrep
Ranking in Static Application Security Testing (SAST)
29th
Ranking in Software Composition Analysis (SCA)
14th
Average Rating
8.0
Reviews Sentiment
7.8
Number of Reviews
1
Ranking in other categories
Supply Chain Management Software (3rd), Static Code Analysis (8th)
 

Featured Reviews

Ryan-Murphy - PeerSpot reviewer
A great secrets detection feature, good visibility, and integrates well
The biggest benefit of Apiiro for us was the visibility it gave us into our GitHub organization, which we didn't have much of before. The benefit of adding Apiiro early is that it would be integrated into our pipeline from the start. Since we have had some of our software products for many years, we would have to do a lot of cleaning up before integrating Apiiro into our developer workflow. Integrating Apiiro early allows us to stay ahead of the curve on security issues and address them as they arise, rather than having a huge backlog for developers to fix. Apiiro's ability to provide visibility into the risk of our application components is great. This was a selling feature for us. Apiiro was a less mature product a little over a year ago when they were still early on in their development. However, they have made fantastic advancements over the last year, which has given us much more visibility into that sort of thing. Apiiro has helped prevent business-critical risks by making recommendations based on what it thinks is a high or critical issue. I think it does a pretty good job at that, but those recommendations still need a manual review from us. In general, if Apiiro flags a critical issue, it is usually pretty close to identifying whether it is business-critical or not. It is something we should review, even if we end up downgrading it. Apiiro raises valid concerns, and I am happy that it does.
Henry Mwawai - PeerSpot reviewer
Automated code reviews and good scalability with custom rule adaptability
We use Semgrep to check custom user pipelines and test their claims for any vulnerabilities. We process the code by passing it through the testing process for any operability issues before sending feedback to the developers and providing the final product. This is part of the static testing…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The workflow automation is likely the best aspect of the solution."
"Apiiro's secrets detection feature has saved us several times, which we appreciate greatly."
"The most valuable feature is the ability to write our custom rules."
 

Cons

"I would like support for our self-hosted Git server, other than GitHub, just regular Git."
"User management is a little bit clunky."
"There should be more information on how to acquire the system, catering to beginners in application security, to make it more user-friendly."
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
824,067 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
21%
Financial Services Firm
10%
Comms Service Provider
9%
Manufacturing Company
9%
Financial Services Firm
19%
Computer Software Company
16%
Manufacturing Company
12%
Media Company
4%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
No data available
 

Questions from the Community

What do you like most about Apiiro?
Apiiro's secrets detection feature has saved us several times, which we appreciate greatly.
What is your experience regarding pricing and costs for Apiiro?
My understanding is the pricing is pretty competitive.
What needs improvement with Apiiro?
Apiiro recently integrated SaaS, and we would love to see them expand on that. They provide many integrations to different products, including SaaS products such as Snyk. Ideally, Apiiro would incl...
What needs improvement with Semgrep?
There should be more information on how to acquire the system, catering to beginners in application security, to make it more user-friendly.
What is your primary use case for Semgrep?
We use Semgrep to check custom user pipelines and test their claims for any vulnerabilities. We process the code by passing it through the testing process for any operability issues before sending ...
 

Comparisons

 

Also Known As

Apiiro Control Plane (ASOC), Apiiro API Security (SAST), Apiiro Open Source (SCA)
Semgrep Code, Semgrep Supply Chain, Semgrep AppSec Platform
 

Learn More

 

Overview

 

Sample Customers

Morgan Stanley, Rakuten, Jack Henry, SoFi, Colgate, Navan
Policygenius, Tide, Lyft, Thinkific, FloQast, Vanta, and Fareportal
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Static Application Security Testing (SAST). Updated: November 2024.
824,067 professionals have used our research since 2012.