Original Post: Integrating the Snyk Language Server with IntelliJ IDEs The article announces the integration of the Snyk Language Server (LS) with IntelliJ IDEs, emphasizing the reduction of code duplication and enhanced development efficiency. LS… Read More »Seamless Security: How to Integrate Snyk Language Server with Your IntelliJ IDE
Original Post: Leveraging Manifest Files, Lockfiles, and SemVer Specifications The article emphasizes the importance of software supply chain security in 2023, presenting tools like Semgrep Supply Chain’s reachability analysis to identify critical vulnerabilities efficiently. It… Read More »Mastering Dependency Management: The Power of Manifest Files, Lockfiles, and Semantic Versioning
Original Post: You do not need to do DAST in a pipeline to do DevSecOps The content explains that using dynamic scanning tools in a CI/CD pipeline is not a necessity for practicing DevSecOps. The… Read More »Debunking Myths: Why DAST Isn’t Essential for DevSecOps
Original Post: Speed is important in security scanners The blog post highlights the advantages of Semgrep, a code security platform known for its speed, developer-friendly interface, and customizability. Speed is emphasized as a crucial feature,… Read More »Why Speed Matters: Enhancing Security with Faster Scanners
Original Post: Continuous learning The content is an extensive narrative by Tanya Janca on her journey of continuous learning in the IT and information security fields. She details her switch from software development to penetration… Read More »Embracing Lifelong Learning: The Key to Personal and Professional Growth
Original Post: HackerOne partners with Semgrep to combine expert code review with powerful automation The content discusses the challenges of maintaining quality code review in modern development, compounded by the inefficiencies of traditional static analysis… Read More »Enhancing Security: HackerOne’s Collaboration with Semgrep Revolutionizes Code Review through Automation
Original Post: Overrated and underperforming: transitive reachability analysis The content discusses the challenges and limitations of transitive reachability analysis in managing vulnerabilities in software dependencies. The analysis struggles to provide actionable insights due to complex… Read More »Why Transitive Reachability Analysis Fails to Impress
Original Post: Top Tools for Comprehensive Application Security Testing – Qualysec Technologies The content emphasizes the significance of application security in software development. It highlights the importance of using application security testing tools to identify… Read More »Essential Tools for Top-Notch App Security Testing: A Qualysec Technologies Guide
Original Post: scaling your AppSec impact just got easier This quarter, Semgrep focused on enhancing their software security capabilities to make it easier for organizations to deploy and manage their code scanning solutions. Key updates… Read More »Effortless AppSec Scaling: Enhancing Your Application Security Impact
Original Post: What is an Application Security Hackathon? | by Dmshyamjuneja | Jun, 2024 An Application Security Hackathon is an event where cybersecurity enthusiasts, developers, and professionals collaborate to solve security challenges in software applications.… Read More »Understanding the Concept of an Application Security Hackathon: Insights from Dmshyamjuneja