Training 201: Understanding Reachability on Github with Semgrep Supply Chain

For security teams looking to detect and action based on whether a vulnerable function within a vulnerable open source dependency is being used in their code, Semgrep Supply Chain’s reachability analysis cuts down the noise and helps prioritize such reachable security issues.

Join us as we cover: 

  • How open source dependency scanning tools have been traditionally ineffective in separating the noise from actionable findings in GitHub

  • What is a reachable finding in Semgrep Supply Chain 

  • A demo showing how to prioritize security issues in GitHub-hosted repositories

Watch On-Demand

Our Speaker

David Whitlow
David Whitlow

Head of Solutions Engineering @ Semgrep

Featured Events

Don't miss our upcoming events!

Subscribe to our newsletter

Don’t miss out on upcoming Semgrep events