The Elephant in AppSec

Unpacking Opengrep—A Deep Dive with Its Backing Teams

33 min • 19 February 2025

Welcome to the Elephant in AppSec, the podcast to explore, challenge, and boldly face the AppSec Elephants in the room.

Recently, Opengrep made headlines as a new open-source project based on a fork of Semgrep Community Edition, with the goal of democratizing SAST.

As you know, I'm always ready to dive into controversial topics on The Elephant in AppSec, and this episode is no exception. But before we jump in, full disclosure: I’m staying neutral in this conversation. I’ve had the privilege of collaborating with incredible people on both sides of the discussion, and I’m here to explore all perspectives.

I spoke with the teams behind Opengrep—Arnica, Mobb, Aikido, and Jit—to explore what inspired them to get involved, the feedback they’ve received—both positive and negative—since the launch, and what lies ahead for the project — What will Opengrep look like a year from now?

By the way, if you want to dive deeper into their plans, join the Opengrep Open Roadmap session tomorrow (link in the description) or check out the next version of Opengrep, which will launch next week.

Dive right in!

Mentioned in the video:
Opengrep repo: https://github.com/opengrep/opengrep
Semgrep: https://semgrep.dev/
Opengrep roadmap session. Register here: https://lu.ma/07bivwlz
James Berthoty’s launch article: https://pulse.latio.tech/p/announcing-opengrep
OWASP projects: https://owasp.org/projects/

This podcast is provided by Escape: https://escape.tech
