A Semgrep Case Study
FloQast, a provider of accounting workflow automation, faced challenges scaling its security program. Its previous homegrown static analysis tool could not efficiently support new languages in the company's growing MERN stack, creating a heavy technical burden for the application security team. The company sought a commercial solution to reduce false positives and scale its security posture without hindering developer productivity, which led it to evaluate Semgrep.
By implementing Semgrep, FloQast integrated static analysis into its CI/CD pipeline to scan every pull request. The Semgrep platform provided transparency, customizability, and support for over 25 languages. The biggest benefit was the drastic reduction in incident response time; engineers could now create a custom Semgrep rule from a code snippet and block vulnerable pull requests within minutes. This enabled FloQast to scale its security program effectively, providing peace of mind to both the security and leadership teams.