Bay Area OWASP Meetup presentation

Video from the Bay Area OWASP Meetup on May 21

Pablo Estrada
Pablo Estrada
December 08, 2020
semgrep placeholder image

A big thanks to the Bay Area OWASP Meetup for inviting us to present at their “Hacker Days” event on May 22nd.

In this presentation we discuss a program analysis tool we’re developing called Semgrep (previously sgrep). It’s a multilingual semantic tool for writing security and correctness queries on source code (for Python, Java, Go, C, and JavaScript) with a simple “grep-like” interface. The original author, Yoann Padioleau, worked on Semgrep’s predecessor, Coccinelle, for Linux kernel refactoring, and later developed Semgrep (then sgrep) while at Facebook. He’s now full time with us at r2c.

Here’s the video of the presentation and you can also download the slides.


Semgrep Logo

Semgrep is a fast, open-source, static analysis tool for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.

Code scanning at ludicrous speed

Find bugs and enforce code standards