In this talk we will provide an in-depth look at using semgrep, an open-source tool for static code analysis, to improve the security of your application. The talk will cover how to run it on your codebase, how to interpret the results, and how to create custom rules for semgrep, so you can tailor the tool to your specific needs and reduce false positives, making the whole SAST process meaningful. Additionally, we will talk about how to integrate semgrep into your CI/CD pipeline, which will automate the process of running semgrep on your codebase and make it easier to catch security vulnerabilities early in the development process. The talk is aimed at developers of all experience levels. Attendees will leave with a good understanding of how to use semgrep to improve the security of their applications.