Olivia
Online
Semmle
@Semmle
Semmle has joined GitHub.
Finding zero-days and automating variant analysis | Creators of CodeQL and @LGTM
San Francisco, CA
Joined February 2016
20 Following
1.7K Followers
395 Posts
Pinned Tweet
Big news! Semmle is joining the @Github team to bring community-powered security analysis to millions of developers. Learn more from Semmle CEO @oegerikus here: https://t.co/iDN5RrY8J1
ICYMI: We're running a CTF until December 31st. Write a CodeQL query to find a specific class of DOM-based XSS vulns. The 2 best submissions will win Nintendo Switches, and 10 additional entries will receive coupons that can be used for GitHub Swag.
https://t.co/fqliovIXP2
We've just launched a new slack workspace for anyone interested in being part of the mission to secure the open source software we all depend on. https://t.co/DH4ICBskUF
If you'd like to receive an invitation to join the workspace, send us a DM with your email address.
Yesterday we had our first GitHub Security Meetup, with ligthning talks by @kevin_backhouse @Nosoynadiemas @agustingianni and Abishek Arya (Google). But also with exciting discussions with security folks. Thanks to all attendees and others: stay tuned for the next one in January.
Who to follow
grsecurity
@grsecurity
Foundational security for the Linux kernel. Solving the most difficult memory unsafety problems. Created by @opensrcsec
Samuel Groß
@5aelo
Working on Project Zero, Big Sleep, and V8 Security. Personal account. Also @[email protected] and https://t.co/aVitnPjBie
REcon 
@reconmtl
REcon: Annual reverse engineering and security conference held in Montreal.
Learn how our security researcher @nicowaisman found wireless vulnerabilities in the Linux Kernel, and variants, thanks to CodeQL: https://t.co/eKE0VPPna5
Want to challenge your vulnerability hunting skills? Try our latest Capture The Flag and discover XSS-unsafe jQuery plugins: https://t.co/fqliovIXP2
Check out the GitHub Security Lab bounty program! https://t.co/v4zfP0oSco. Write a query, find bugs, get rewarded.
Welcome to the GitHub Security Lab @GHSecurityLab! Join us and contribute to secure the world's code! Visit https://t.co/5xpshQ0Aot
Want to learn more about QL and how you can use it to find variants of vulnerabilities in your code? Join us for our Semmle User Group this Wednesday night at Mozilla. See the event details for more information.
https://t.co/5q6F0x2o2V
Semmle security researcher @kevin_backhouse discloses another integer overflow vulnerability in libssh2, which could potentially lead to information disclosure https://t.co/nMHic8zpko
Is your code VUCA (Volatile, Uncertain, Complex, Ambiguous)? Let's see how the OODA Loops theory inspires our code review practices. https://t.co/vjCnO9vkEc
Join us today for some @Semmle fun and examples of finding vulnerabilities! Let's democratize security
In this video, @kevin_backhouse discusses the libssh2 integer overflows and out-of-bounds read he recently discovered. See how it can be triggered by connecting to a malicious ssh server https://t.co/yV8F1AP8pU
Imagine if your dev team could have automated code review powered by security expertise? Tomorrow, join @oegerikus and @fjserna to see how community-powered security can become a part of the developer’s workflow. https://t.co/iUgx8IY9oi
Thanks for everyone that attend my QL workshop at #Ekoparty!
Here is some of the material covered during the workshop:
https://t.co/Z6kHUtk6tP
Are unit tests really effective in preventing bugs? We analyzed over 50k LGTM projects in Java, Python, and Javascript to find out. https://t.co/pZAwZs6htu
Now in beta! LGTM is supporting Golang and we have some projects that you can explore. Check them out and suggest others you'd like us to analyze. https://t.co/wTgvI4iPuU
.@mmolgtm takes a deep dive into past Android #deserialization vulnerabilities that exploited C++ pointers wrapped inside Java objects. https://t.co/QaIVdCbEve
Un honor tener a @nicowaisman en la eko, esta vez con su workshop "Cazando bugs con redes de pesca". Aprendimos cómo modelar bugs para encontrar vulnerabilidades 🎣
.
Such an honor to have @nicowaisman at ekoparty, this time with his workshop "Hunting bugs with fishing nets" 🎣
Imagine if your dev team could have automated code review powered by security expertise? Join @oegerikus and @fjserna as they share their vision for community-powered secure development: https://t.co/6ZmmBJvVcH
Last Seen Users on Sotwe
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers