Need for speed: static analysis version (r2c.dev)
2 points by dbaupp on Nov 29, 2022

Autofixing Code with Semgrep (r2c.dev)
1 point by natmote on Nov 3, 2022

Ignore 98% of dependency alerts: introducing Semgrep Supply Chain (r2c.dev)
176 points by ievans on Oct 4, 2022 | 59 comments

r2c: An open-source tool for software security (r2c.dev)
1 point by Extropy_ on Feb 12, 2022

Keep your Semgrep static analysis rules simple with symbolic propagation (r2c.dev)
3 points by todsacerdoti on Feb 10, 2022

JavaScript static analysis comparison: ESLint vs. Semgrep (r2c.dev)
1 point by ievans on Jan 28, 2022

The best, free, open-source supply-chain security tool? The lockfile (r2c.dev)
1 point by mooreds on Jan 27, 2022

The best free, open-source supply-chain security tool? The lockfile (r2c.dev)
3 points by h1x on Jan 22, 2022

The best free, open-source supply-chain security tool? The lockfile (r2c.dev)
5 points by moyer on Jan 21, 2022 | 1 comment

Semgrep: A Static Analysis Journey (r2c.dev)
9 points by todsacerdoti on Nov 9, 2021

Semgrep taint mode is now in beta (r2c.dev)
1 point by todsacerdoti on Oct 22, 2021

Protect Your GitHub Actions with Semgrep (r2c.dev)
4 points by ievans on Oct 5, 2021

Semgrep for GitLab (r2c.dev)
9 points by pabloest on June 22, 2021

Appsec Development: Keeping it all together at scale (r2c.dev)
2 points by mooreds on Feb 14, 2021

Should random() be banned? (r2c.dev)
73 points by pabloest on Feb 11, 2021 | 205 comments

Four levels of maturity that bridge the AppSec / engineering divide (r2c.dev)
3 points by kiyanwang on Jan 24, 2021

Four levels of maturity that bridge the AppSec / engineering divide (r2c.dev)
6 points by pabloest on Jan 8, 2021

When DevSecOps goes wrong: a short lesson from Huawei's source code (r2c.dev)
53 points by DyslexicAtheist on Dec 19, 2020 | 22 comments

Exploiting dynamic rendering engines to take control of web apps (r2c.dev)
9 points by pabloest on Nov 19, 2020

Fixing leaky logs: how to find a bug and ensure it never returns (r2c.dev)
2 points by kiyanwang on Nov 15, 2020

Fixing leaky logs: how to find a bug and ensure it never returns (r2c.dev)
6 points by pabloest on Nov 11, 2020

The future of AppSec and why I joined r2c (r2c.dev)
3 points by mooreds on Oct 29, 2020

Introducing Semgrep and r2c (r2c.dev)
115 points by pabloest on Oct 29, 2020 | 21 comments

Not all attacks are equal: understanding and preventing DoS in web applications (r2c.dev)
46 points by ievans on Sept 11, 2020 | 13 comments

Type-Awareness in Semantic Grep (r2c.dev)
3 points by ievans on Aug 5, 2020

Hardcoded secrets, unverified tokens, and other common JWT mistakes (r2c.dev)
188 points by todsacerdoti on June 26, 2020 | 82 comments

DLint – regular expression DoS bug hunting (r2c.dev)
1 point by enigmabridge on Feb 20, 2020