Home IconBlogsecuritySlack on scaling static analysis with Semgrep
security

Slack on scaling static analysis with Semgrep

Slack’s DEF CON 29 AppSec Village presentation
Pablo Estrada
Pablo Estrada
August 10, 2021
slack-on-scaling-static-analysis-with-semgrep

In this video, Erin Browning and Tim Faraci from Slack present at DEF CON 29 AppSec Village. Highlights include:

  • Keeping developers happy with fast scan results

  • Thinking beyond the compliance checkbox

  • Dealing with false positives

  • Integrating scanning into the developer and security workflows

  • Calibrating metrics and performance targets

Enjoy!

About

Semgrep Logo

Semgrep is a fast, open-source, static analysis tool for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.

Learn more with Semgrep’s blog

semgrep 1.0 blog postAnnouncement

December 01, 20223 min read

Releasing Semgrep 1.0
Yoann PadioleauYoann Padioleau
xml-javaSecurity

January 17, 20239 min read

XML Security in Java
Pieter De CremerPieter De Cremer
Introducing Semgrep Supply ChainBest practices

October 13, 20228 min read

A deep dive into Semgrep Supply Chain
Kurt BobergKurt Boberg

Code scanning at ludicrous speed

Find bugs and enforce code standards

Semgrep Logo

Code analysis at ludicrous speed

Products

Semgrep Code
Semgrep Supply Chain
Semgrep Cloud Platform
Semgrep Pro Engine

Community

Blog

Resources

Docs
ROI Calculator
Pricing
Getting Started With Semgrep
Registry
Playground
Book a demo
Help Center

Company

About
Careers
Contact us
Twitter-logo-greenSlack-logo-greenGitHub-logo-greenYoutube-logo-green

© 2023 Semgrep, Inc. Semgrep is a registered trademark of Semgrep, Inc.

TermsPrivacy