Introducing G2.ai, the future of software buying.Try now
Compare Codacy and Semgrep 
Featured Products
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Cyclopt Companion
Visit Website
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Endor Labs
Visit Website
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Aikido Security
Visit Website
At a Glance
Market Segments
Small-Business (63.0% of reviews)
Enterprise (47.2% of reviews)
Entry-Level Pricing
Free
Starting at $40.00 1 contributor Per Month
Codacy
Star Rating
(28)4.6 out of 5
Market Segments
Small-Business (63.0% of reviews)
Pros & Cons
Entry-Level Pricing
Free
Browse all 3 pricing plansSemgrep
Star Rating
(54)4.6 out of 5
Market Segments
Enterprise (47.2% of reviews)
Pros & Cons
Entry-Level Pricing
Starting at $40.00 1 contributor Per Month
Free Trial is available
Learn more about SemgrepSummary
AI Generated Summary
AI-generated. Powered by real user reviews.
- Users report that Codacy excels in its Ease of Use with a score of 9.2, making it a favorite among small businesses looking for straightforward integration into their workflows, while Semgrep, with a score of 9.3, is noted for its Ease of Setup, which reviewers appreciate for its quick onboarding process.
- Reviewers mention that Codacy's Automated Scans feature is highly effective, providing consistent code quality checks, whereas Semgrep users highlight its Static Code Analysis capabilities, scoring 9.2, which they find particularly useful for identifying vulnerabilities in real-time.
- G2 users indicate that Codacy's Quality of Support is commendable, with a score of 9.2, reflecting positive experiences with customer service, while Semgrep users report a similar score of 9.2 but emphasize the community support and extensive documentation available for troubleshooting.
- Users on G2 note that Codacy's Remediation Suggestions feature, scoring 8.2, could be more comprehensive, while Semgrep shines in this area with users praising its actionable insights and higher score of 9.0, which helps developers address issues more effectively.
- Reviewers mention that Codacy's API / Integrations score of 8.3 indicates room for improvement in connecting with other tools, whereas Semgrep's higher score of 8.7 reflects its robust integration capabilities, making it a better choice for teams using diverse tech stacks.
- Users report that Codacy's False Positives rate of 6.9 is a concern, as it can lead to unnecessary alerts, while Semgrep's score of 7.9 suggests a more reliable detection system, which users appreciate for reducing noise in their security alerts.
Pricing
Entry-Level Pricing
Codacy
Open Source
Free
Unlimited free code scanning for open-source projects
- Unlimited lines of code in public projects
- Code quality and security scanning across 49 languages and frameworks
- 100% cloud-based analysis via Git - no server or build steps needed
Semgrep
Semgrep Code, Supply Chain, and Secrets Detection
Starting at $40.00
1 contributor Per Month
Extensible AppSec for growing teams. Choose from Code (SAST), Supply Chain (SCA), and Secrets Detection to eliminate noise out of the box, streamline developer workflows, and give security teams full visibility.
- Choose from SAST, SCA, and Secrets Detection
- Pro Rules and cross-file analysis
- AI Assistant
Free Trial
Codacy
Free Trial is available
Semgrep
Free Trial is available
Ratings
Meets Requirements
8.9
19
8.8
48
Ease of Use
9.2
20
9.1
49
Ease of Setup
9.1
13
9.4
36
Ease of Admin
8.9
12
9.1
22
Quality of Support
9.2
14
8.8
43
Has the product been a good partner in doing business?
9.1
9
9.6
22
Product Direction (% positive)
8.3
20
9.2
45
Features by Category
Protect
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Feature Not Available
Not enough data
Execute
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Administration
Not enough data
9.0
18
Not enough data
8.2
17
Analysis
Not enough data
8.4
19
Not enough data
9.1
21
Not enough data
9.4
21
Not enough data
9.1
21
Testing
Not enough data
8.7
20
Not enough data
Feature Not Available
Not enough data
Feature Not Available
Not enough data
7.7
17
Not enough data
7.5
18
Not enough data
8.1
19
Not enough data
7.3
21
Agentic AI - Static Application Security Testing (SAST)
Not enough data
7.9
11
Dynamic Application Security Testing (DAST)Hide 13 FeaturesShow 13 Features
Not enough data
Not enough data
Administration
Not enough data
Feature Not Available
Not enough data
Feature Not Available
Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Testing
Not enough data
Feature Not Available
Not enough data
Feature Not Available
Not enough data
Feature Not Available
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Performance
Not enough data
8.2
12
Not enough data
8.0
11
Not enough data
8.0
11
Not enough data
9.0
10
Network
Not enough data
8.5
10
Not enough data
7.8
10
Not enough data
8.0
10
Application
Not enough data
Feature Not Available
Not enough data
8.9
11
Not enough data
8.5
11
Agentic AI - Vulnerability Scanner
Not enough data
6.9
6
Not enough data
7.5
6
Functionality - Software Composition Analysis
Not enough data
8.4
18
Not enough data
8.2
18
Not enough data
8.5
18
Effectiveness - Software Composition Analysis
Not enough data
8.5
18
Not enough data
8.3
18
Not enough data
8.3
18
Documentation
Not enough data
8.9
19
Not enough data
9.3
20
Not enough data
8.2
20
Security
Not enough data
7.4
21
Not enough data
7.9
17
Not enough data
8.9
17
Generative AI
Not enough data
Not enough data
Agentic AI - Static Code Analysis
Not enough data
7.7
10
Not enough data
7.6
9
Not enough data
7.7
10
Performance - AI AppSec Assistants
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Integration - AI AppSec Assistants
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Interactive Application Security Testing (IAST)Hide 1 FeatureShow 1 Feature
Not enough data
Not enough data
Agentic AI - Interactive Application Security Testing (IAST)
Not enough data
Not enough data
Categories
Categories
Shared Categories
Codacy and Semgrep are categorized as Static Application Security Testing (SAST), Static Code Analysis, Software Composition Analysis, and Dynamic Application Security Testing (DAST)
Unique Categories
Codacy is categorized as Application Shielding
Semgrep is categorized as AI AppSec Assistants, Vulnerability Scanner, Secure Code Review, and Interactive Application Security Testing (IAST)
Reviews
Reviewers' Company Size
Codacy
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
Semgrep
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
Small-Business
(50 or fewer emp.)
Mid-Market
(51-1000 emp.)
Enterprise
(> 1000 emp.)
Reviewers' Industry
Computer Software
29.6%
Information Technology and Services
14.8%
Program Development
7.4%
Financial Services
7.4%
Security and Investigations
3.7%
Other
37.0%
Information Technology and Services
24.5%
Computer Software
20.8%
Financial Services
15.1%
Manufacturing
5.7%
Semiconductors
5.7%
Other
28.3%
Discussions
Codacy has no discussions with answers
Semgrep has no discussions with answers
Hunting for software insights?
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.
