What do people mean exactly when they use the term reachability? As it turns out, there are many distinct approaches to reachability analysis, but not many resources available that explain how they differ.
In this blog post, we'll go over the different methods of reachability analysis, the pros and cons of each, and why we think Semgrep's is the most effective and pragmatic when it comes to prioritizing software supply chain vulnerabilities.