Seattle Java User Group: Detect complex code patterns using Semgrep

A walkthrough of practical, real-world Semgrep examples for Java

In this talk, Kurt Boberg from Chegg and Daghan Altas from r2c show how to use Semgrep to detect complex code patterns in Java, with a particular focus on real-world and practical examples including detection of SQL injections, reverse shells, and XML external entity injections.

Thanks to the Seattle Java User Group for hosting this event!

About


Semgrep lets security teams partner with developers and shift left organically, without introducing friction. Semgrep gives security teams confidence that they are only surfacing true, actionable issues to developers, and makes it easy for developers to fix these issues in their existing environments.

Find and fix the issues that matter before build time

Semgrep helps organizations shift left without the developer productivity tax.
