LGTM

Continuous security analysis for developers

LGTM automatically analyses every commit to identify vulnerabilities early and enable developers to prevent zero-days from reaching production.

01 Superior security analysis


Our deep semantic code search identifies critical vulnerabilities in your code that no one else can find. 

LGTM automatically runs over 1,600 standard analyses – contributed by top researchers from the Semmle Security Research Team and our growing customer community including Microsoft, Google, Uber and Mozilla – on every code change.

Quickly refine and run custom CodeQL queries to find variants of known issues and prevent them from being re-introduced into your codebase.

Case Study Semmle at BlackLine: Securing the data integrity of financial data in the cloud

We use LGTM to build shared knowledge and expertise across the organization, enabling us all to work as a team and move our product forward together.

Gregory Burns / Director of Software Development at BlackLine

02 Results that matter


When focused on security, it's important to reduce the noise and zero in on the security alerts that actually need your attention.

LGTM is constantly analyzing development behavior to ensure you receive the most relevant alerts at the right time. We analyze every commit to provide context on when and where a problem was introduced.

Personalized and project-based alerts are ranked based on the potential security threat.

Case Study Semmle at Murex: Securing and modernizing the world's leading capital markets platform

03 Automate security code review


Prevent vulnerabilities from entering production by seamlessly integrating with your development workflow.

LGTM analyzes every commit to provide feedback and recommendations directly in your pull requests. Use our API to integrate analyses into your CI/CD pipeline, custom workflows, and issue tracker.

Tune and refine CodeQL queries using IDE integrations or the CLI. Run analyses across all of your codebases from the intuitive LGTM web interface.

Case Study Semmle at Nasdaq: Improving ROI and reducing time-to-market

The essence of our Nasdaq Corporate Solutions business is to deliver great software continuously, and LGTM is key for us to do that.

Heather Abbott / SVP of Global Corporate Solutions Technology at Nasdaq

Key Features

01 Unrivalled security analysis

Our standard security analyses are cutting-edge. They are created in collaboration with, and preferred by, the world’s leading software organizations, and frequently uncover zero-days.

02 Seamless workflow integration

Get LGTM security and code quality recommendations in your IDE, and let LGTM comment on pull requests when new issues should be addressed before merge.

03 Custom analyses

Powered by CodeQL, LGTM lets you create new analyses that are specific to your in-house APIs and context, delivering more accurate and relevant results to developers.

04 Intelligent alerts

Our standard queries are based on industry expertise and bring you actionable recommendations and personalized feedback, prioritized intelligently by looking at the remediation behaviour of a huge community of your peers.

05 Trends and benchmarking insights

Track progress over time, deep dive to explore the impact of events, and compare your projects, both internally and to the rest of the world.

06 Rich and flexible analytics

Measure the impact of initiatives, identify red spots across the portfolio, uncover vulnerable versions of 3rd party libraries your software depends on, and explore opportunities within teams to ensure that their development organizations are set up for success.

LGTM.com

LGTM.com is free for all Open Source projects.

LGTM Enterprise

Self-hosted LGTM for all your private code repositories.
