#semgrep Development Tutorials & Tips | Roast Dev

JavaScript Rules, Wiz Integration, Bitbucket SCM and Catching Malicious Dependencies

Semgrep is an open-source static code analysis tool for finding bugs and security vulnerabilities. Here is a round up of a few of the recent updates from the past month that you may have missed. ...

26.03.2025 0 Read More

Getting Started with SAST and Semgrep CLI

Securing software is difficult and not always top of mind when developing an application. A security engineer at a large bank once told our team that if its development stopped, he calculated it would...

11.04.2025 0 Read More

Vibe Check: Securing AI-Generated Code Using MCP

Using generative artificial intelligence is a boon for the experimental nature that comes from building software. The unfortunate truth is that AI-generated code suffers from some of the same issues a...

14.04.2025 0 Read More

SAST vs SCA: Choosing the Right Source Code Security Scanning Tools

Engineering teams want to satisfy security teams. Security teams want to be seen as value-added and not a nuisance or distraction to development. The threat from not addressing application security is...

17.04.2025 0 Read More

RSA Plans, Vibe Coding, AppSec Industry Survey, Anthropic and a CVE for vLLM

This is another installment of the top ten things happening at Semgrep recently that I think you will want to know about. Let Them Build Luke O’Malley, one of the founders of Semgrep shared ...

21.04.2025 0 Read More

JavaScript Rules, Wiz Integration, Bitbucket SCM and Catching Malicious Dependencies

Getting Started with SAST and Semgrep CLI

Vibe Check: Securing AI-Generated Code Using MCP

SAST vs SCA: Choosing the Right Source Code Security Scanning Tools

RSA Plans, Vibe Coding, AppSec Industry Survey, Anthropic and a CVE for vLLM

#reading

#popular