Security teams across the world use Semgrep open source for creating custom rules & enabling their developers to secure their code at the source. With over 2800 community rules, security teams can meet their eng teams where they are without encountering hundreds of false positive vulnerabilities. Semgrep Pro Engine further enables teams by allowing them to analyze code across files using taint analysis, constant propagation, and other advanced analysis methods.
Join us as we cover:
How Semgrep can help with your SAST needs and what is included in Semgrep open source
How to utilize the community rules and build rules for yourself
An overview of advanced analysis including; interfile, interprocedural, and taint analysis