Case Study: Policygenius achieves near-zero false positives and faster scans with Semgrep

Policygenius Shifting left with Semgrep

The software security team at Policygenius, a company with over 1,000 employees, needed a scalable solution to integrate security into their development process without slowing down their developers. Their challenge was to find a fast, reliable tool with a very low false positive rate to shift security left in their SDLC. They chose to implement Semgrep App from the vendor Semgrep.

With Semgrep, Policygenius runs over 600 rules in just a couple of minutes, achieving their speed requirements. The solution has a 99% uptime and, most significantly, a false positive rate of less than 1%, allowing the team to focus on real vulnerabilities. The implementation of Semgrep enabled Policygenius to successfully shift security left, detecting issues before they reach production and helping developers learn secure coding practices.

PolicyGenius

Jessica Grider

Sr. DevSecOps Engineer