Semmle is making its global debut today with a new solution that could help speed up the development of secure software code. The company’s software analytics platform includes a “Looks Good to Me” solution as well as a query engine for preventing software mistakes.
In addition, the company is launching with a $21 million series B round of funding led by Accel Partners, with participation from Work-Bench, bringing Semmle’s total funding up to $31 million. The company has also announced that Accel’s Ping Li and Vas Natarajan will join the board of directors.
According to Semmle, it will use this funding to serve large technology and financial services companies globally. The platform is already used by top companies and organizations like Google, Microsoft, NASA and Nasdaq.
“The stakes have never been higher for securing the world’s software,” said Accel’s Ping Li. “By making code searchable in a database, Semmle is redefining what’s possible in terms of fidelity of the analysis. It’s why Semmle is already trusted by the most innovative and valuable organizations in the world like Google and Microsoft.”
Semmle believes it takes a different approach to securing software by combining object-oriented programming and database logic to solve the problem of making code semantically searchable.
“The greatest scientific and technological breakthroughs throughout history resulted from combining different disciplines, such as the use of computer science and biology to sequence the human genome,” said Oege de Moor, CEO of Semmle. “We built Semmle on this same principle, bringing together our 100+ patents in database technology and programming to enable deep semantic code search. With Semmle, CIOs, developers and security researchers can finally answer previously unanswerable questions about their code to find coding mistakes and 0-days that would otherwise be invisible.”
The company’s LGTM (Looks Good to Me) analytics platform will enable developers to better understand their code, processes, and people by combining deep semantic code search and data science insights from a community of 500,000 developers. LGTM is integrated into a developer’s workflow and provides feedback, recommendations and benchmarking insights, the company explained.
LGTM is powered by the company’s query engine QL. QL aims to turn source code into searchable relational data, and uses AI to present actionable recommendations for improvement to developers and managers.
“The same kinds of logical coding mistakes are made over and over again, sometimes repeatedly within a single project, and sometimes across the whole software ecosystem. These mistakes are the source of many of today’s critical software vulnerabilities,” the company wrote on its website. “Using QL, you can codify such mistakes as queries, find logical variants of the same mistake elsewhere in the code, and prevent similar mistakes from being introduced in the future by automatically catching them before code gets merged.”