Posts
The Open-Source Vulnerabilities, OSV, database is a new, open source, project from Google that goes beyond the current state of CVE tracking.
Avoiding the introduction of vulnerabilities in a project is nothing short of science. Most projects use SAST scanning at the final stage in order to find and fix them. One great tool used in this way is Semgrep which combines the convenience of grep with the correctness of syntactical and semantic search and can be categorized as something between grep and a SAST tool. For the lowdown check my detailed article Semgrep - More Than Just a Glorified Grep.
Comments