Silicon Valley Cyber Security: Detect complex code patterns using semantic grep
Blog post from Semgrep
At the Silicon Valley Cyber Security Meetup's virtual event "Talkin’ Security" on April 9th, a presentation was given on semgrep, a multilingual program analysis tool for writing security and correctness queries on source code in languages like Python, Java, Go, C, and JavaScript. Semgrep evolved from an earlier tool called Coccinelle, which was used for Linux kernel refactoring. It was initially developed by Yoann Padioleau at Facebook and now serves as the query system behind Bento. The tool offers a simple "grep-like" interface, which makes it accessible for code analysis. Padioleau is currently working full time on semgrep at r2c. The Silicon Valley Cyber Security Meetup has shared a video recording of the presentation.