As more teams depend on open source code, the number of vulnerabilities and threats also increases. As with traditional SCA tools, identifying and triaging issues often leads to 98% false positive rate and misleading signals. Utilizing open source is critical to increasing developer productivity, but how do teams balance speed and security? 

Join us as we cover: 

• What is Semgrep Supply Chain

• How to quickly scan for vulnerabilities in open source dependencies using Semgrep Supply Chain

• Finding the 2% open source vulnerabilities in your code that are actually reachable

• Getting results in the developer's workflow to efficiently triage issues